SRA+™ Pricing

KFMC, the not-for-profit organization that developed the SRA+™ risk assessment and remediation platform, is mission driven to improve the quality, effectiveness and safety of healthcare. We understand that protecting your patients’ data is part of protecting their health. Essential for that protection is a comprehensive Information Systems Security Risk Management Plan which starts with an accurate and thorough security risk assessment.

In keeping with our mission, we have priced SRA+™ as low as we possibly can to make it affordable to even small healthcare practices and their business associates.

Through our years of working one-on-one with practice managers, we know these dedicated individuals “wear many hats,” have multiple responsibilities, and never have enough time in their work day. We know they simply do not have the time to study the HIPAA Security Rule as we have, much less keep up with the ever-changing environment of threats and controls for health IT systems.

We are confident that a busy practice manager will discover that SRA+™ makes the annual task of conducting a security risk assessment less daunting. Because SRA+™ walks the user through the process and provides bite-size pieces of education along the way, the practice manager can approach the task with confidence rather than with dread.

And it doesn’t stop there! Though we know it may often happen, completing the assessment does not complete the process. SRA+™ facilitates the remediation of risks that are identified in the assessment. This is a critical piece that is often overlooked and often cited in HIPAA Audit findings. SRA+™ makes it easy to see, plan and track what needs to be done to reduce those risks you are uncomfortable with.

Annual License Fee

What You Get

The $750 fee gives your organization access to the program for one year from the date of purchase. During that year, you can complete the assessment, analyze the results, generate reports, and document all remediation activities carried out during the year. Upon renewal, your organization will have access to all previous years’ data as well as a new platform for the new year.

KFMC’s Health IT consultants are available on a fee-for-service basis to answer any questions you might have about the tool itself, the HIPAA Security Rule implementation specifications, or how to properly assess if your controls and safeguards adequately address those specifications. We will tailor our assistance to your specific needs. The hourly rate for this service, like the license fee, is intentionally kept as low as possible, in keeping with our mission and our not-for-profit status. Simply let us know your needs, and we will be happy to give you a cost estimate to meet those needs. We are confident you will find our rates to be extremely competitive.

If your organization has multiple practice sites, we offer additional pricing tiers. Please contact us for more information.

Other Services

KFMC offers many Health IT services.

We are happy to provide you a free, no-obligation estimate for assistance with:

  • Security Policies and Procedures – Review, Development, and Updating
  • EHR Vendor Selection and Implementation
  • Process Analysis and Redesign
  • CMS Promoting Interoperability (formerly Meaningful Use)
  • EHR Optimization