HIPAA, HITech, and the Omnibus Rules requires every healthcare provider to conduct audits of their security measures in their networks. These tools help you to conduct internal audits in order to measure your compliance and determine your future needs. HHS recommends use of the SRA Tool while NIST recommends the use of the HSR Tool. Both are very good measures for compliance.