This self assessment is designed to provide covered entities with an idea of how they might fare in a HIPAA audit. It contains 78 questions to which you will be asked to answer “yes,” “no,” “uncertain” or “non-applicable.” Questions in this self-assessment are phrased so that "correct" answers are "yes" or “non-applicable”. HIPAA has both Privacy rules and Security rules. This self-assessment is also split into those two sets of rules.