Compliance Services

HIPAA Services

HIPAA Compliance Services

The Health Insurance Portability and Accountability Act (HIPAA) was passed by Congress in 1996 to reduce health care fraud and abuse, mandate industry-wide standards for health care information on electronic billing and other processes, and require the protection and confidential handling of protected health information. HIPAA was strengthened in 2009 by the Health Information Technology for Economic and Clinical Health (HITECH) Act. The HITECH Act addresses the privacy and security concerns associated with the electronic transmission of health information, in part, through several provisions that strengthen the civil and criminal enforcement of the HIPAA rules. HIPAA violations may carry massive fines and cause irreparable damage to brand reputation and patient trust.

Compass IT Compliance has spent the past decade working closely with healthcare providers and their partners to ensure compliance with both the Security Rule and Privacy Rule of HIPAA. Our reports can help to expose control gaps and mitigate the risk of a HIPAA violation or data breach.

Compass IT Compliance Services

  • HIPAA Risk Assessment - Assess your current level of compliance with HIPAA and HITECH, identify the flow of protected health information (PHI), identify gaps in controls, and identify key work areas that your organization must address to achieve and/or maintain compliance with the regulation
  • HIPAA Compliance - Verify compliance with the Privacy Rule (HIPAA) and the Security Rule (HITECH), identify risks, vulnerabilities, and gaps in current controls to protect electronic protected health information (ePHI) and protected health information (PHI)
  • MACRA / MIPS Risk Assessment - HIPAA and HITECH Risk Assessment to satisfy Medicare Access and CHIP Reauthorization Act (MACRA) and Merit Based Incentive Payments System (MIPS) requirements (formerly Meaningful Use Core Objective 15). Qualify for the Medicaid and Medicare EHR financial incentive program using our custom security risk analysis and remediation strategy
  • HIPAA Training Programs - Online and onsite training programs to teach the importance of HIPAA protections and cybersecurity principles within the healthcare industry, including the dangers of ransomware and phishing attempts

Let Compass IT Compliance assist your organization in assessing any risks present through our HIPAA services so you can secure your PHI data environment, comply with regulatory compliance requirements, and save time, money, and resources in the process. Contact us today to discuss your unique situation. Secure. Comply. Save.


“We initially chose Compass to help us with our PCI and HIPAA compliances. As we grew, Compass expanded its services to become a true partner in ensuring that our service provides the security that our clients expect” - Usablenet

HIPAA Blog Posts

Contact Us