Compliance posture · Spear One Solutions
Scores reflect submitted evidence only. Controls marked No Data require evidence upload to be evaluated.
Governance Documents
Annual policies and procedures — evaluated by AI and reviewed by your CISO
| Document | AI Eval | Next Review | Status |
|---|---|---|---|
Business Associates
Vendors with ePHI access — BAA currency and annual review status
| BA Name | Relationship | BAA Next Review | Status |
|---|---|---|---|
Monthly Evidence
Current = uploaded within the last 30 days
| Evidence Type | Last Upload | Days Since | Last 30d | Status | |
|---|---|---|---|---|---|
| Upload → |
Periodic Evidence
Phishing simulation = quarterly (90d) · Policy review = annual (365d)
| Evidence Type | Cadence | Last Upload | Days Since | Count | Status | |
|---|---|---|---|---|---|---|
| Upload → |
Gap Reports
· ·
| Report | Period | |
|---|---|---|
|
|
Download links expire in 15 minutes. Refresh the page to generate new links.
Delete Report
This report PDF will be permanently deleted and cannot be recovered.
Governance Document Quality Evaluations
Review each uploaded policy document and record whether it meets NSANE quality standards. Evaluations are recorded in the platform and drive control scoring.
Quality Evaluation
AI Pre-Evaluation
Takes ~10 seconds. Result is saved for future opens.
Flagged gaps:
Form pre-filled from AI recommendation. Review and submit your final decision.
Archive Document
This document will be removed from the portal. It will be retained in storage for 30 days and can be recovered by an administrator if needed.
HIPAA Evidence Templates
Download and complete these templates, then upload via the Evidence Upload form. Download links expire in 15 minutes — click the Templates tab to refresh.
Download links expire in 15 minutes. Click the Templates tab again to refresh.
Uploaded Evidence Files
All evidence files uploaded for this environment. Delete misloaded files or correct metadata.
| File | |
|---|---|
|
|
Delete Evidence File
This evidence file and all associated parsed data will be permanently deleted and cannot be recovered.
Edit Evidence File
Compliance Event Records
Log workforce, security, and technical compliance events (G-Records). These records provide HIPAA evidence and are retained as audit artifacts.
| Added | ||
|---|---|---|
Delete Record
Delete this entry? This cannot be undone.
Log a new compliance event record
Third-Party Vendors
| Name | Service | Data Scope | Agreement Signed | Next Review | Risk | Status | Actions |
|---|---|---|---|---|---|---|---|
| Not assessed |
Manage Documents |
Please describe in the Notes field below.
Annual BA Assessment
Breach / Incident Notification
Archive Vendor
This vendor will be removed from the BA Management list. Assessment history and incident records are retained in the database.
Delete Document
This document will be permanently deleted from S3 and removed from the vendor record. This action cannot be undone.