Products

Subscription Plan $2,495.95 Money Back Guarantee

Our yearly Subscription Service ("Service") includes all products currently available and any product updates released during the subscription year. The yearly renewal for our Service is $1295.95 per year (optional), on a year-to-year basis. Our Service represents a considerable value when compared to buying each individual product. Why? Because our Service not only includes all current products and updates, but it also includes access to all new products that are released during the year.

In addition to our products, the Service is our vehicle for making available content that is only offered to subscribers. Examples include regulatory updates, best practices, HITECH/HIPAA case law analysis and more "news you can use" complete with insights that you cannot find elsewhere. Please review our archived newsletters to get a feel for what you can expect. You will also get more detailed information regarding how to use our proven H 2 Compliance Scorecard to help you launch your compliance initiative. In short, in addition to products, our Service is built upon a robust methodology that helps you continue to meet your compliance objectives over time.

See Details

Return to Cart
Omnibus Rule Ready

 

 Expresso

Expresso™ is part of our Subscription Plan & Money Back Guarantee

Our Expresso™ software-as-a-service ("SaaS") embodies the NIST seven (7) step process for performing Risk Assessments. Expresso™ builds on the NIST foundation to facilitate performing Risk Assessments by rationalizing the NIST methodology in a manner that makes it accessible to lay persons.

What QuickBooks Online ("QBO") did for accounting Expresso™ does for Risk Assessments. QBO did not eliminate all the work associated with accounting, what it did was transform accounting from a necessary evil, something to be avoided at all costs and/or handed over to a third party, to something that a business person could master at some basic to intermediate level.

Expresso™ comes pre-populated with (T)hreats, (V)ulnerabilities, and potential business (I)mpacts to your organization making the calculation of (R)isks easier than the tedious process that our competitors offer. In addition to pre-populating of Threats, Vulnerabilities and Impacts, Expresso™ allows you to modify all pre-populated data in a manner that best fits your organization.

See Details

 

Return to Cart
Omnibus Rule Ready

 

Digital Download 

HIPAA Privacy Rule Checklist $229.95 

Our  HIPAA Privacy Rule Checklist  ("Checklist") is intended to deliver guidance, including suggested policies, processes, and tracking mechanisms that will allow you to make sense out of this new terrain. It is intended as a knowledge transfer vehicle that allows you to derive the HIPAA Privacy Rule compliance solution that works best within your organization. Our Checklist will "walk you through" the relevant statutory/regulatory sections of the HIPAA Privacy Rule, highlighting the policies, processes and tracking mechanisms required at a granular level.

Our Checklist is comprised of Checklist Items that have the following components:

1) a policy statement that reflects an organization's intentions: the what;

2) a definition of a process by which the policy is implemented: the how; and

3) suggested tracking mechanism(s) for capturing process results: the measurement.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download 

Model Notice of Privacy Practices $79.95 

This Model Notice of Privacy Practices ("NOPP"), reflects modifications to the NOPP mandated by the Omnibus Rule. HHS has indicated that these changes are "material" and therefore require action on the part of Covered Entities. This Policy is one of a number of templates included in our Privacy Rule Checklist as discussed below.

This Policy was derived from, and included in, our Privacy Rule Checklist ("PRCL") which is sold separately. The objectives of our PRCL are to explain the Privacy Rule in simple terms, and provide you with model policies (including this one), processes, and tracking mechanisms that help you comply with the Rule. Our PRCL helps you put workable policies and procedures in place that conform to the HITECH Act and the Privacy Rule, as best as practicable for your organization.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download 

Model Privacy Rule Policy $79.95 

This policy ("Policy") covers the entirety of the Privacy Rule ("Rule"), from permitted uses and disclosures to the administrative requirements. Instead of having a separate policy for each section of the Rule, with repeated and uncessary boilerplate in each, we chose to provide a comprehensive single document view of the Rule from a policy perspective. This Policy is one of a number of templates included in our Privacy Rule Checklist as discussed below.

This Policy was derived from, and included in, our Privacy Rule Checklist ("PRCL") which is sold separately. The objectives of our PRCL are to explain the Privacy Rule in simple terms, and provide you with model policies (including this one), processes, and tracking mechanisms that help you comply with the Rule. Our PRCL helps you put workable policies and procedures in place that conform to the HITECH Act and the Privacy Rule, as best as practicable for your organization.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download

HIPAA Cloud, Social Media, and Mobile Checklist $229.95 

Our HIPAA Cloud, Social Media, and Mobile Checklist ("CSMM") ("Checklist") is intended to deliver guidance, including suggested policies, processes, and tracking mechanisms that allow you to make sense out of this new and quickly evolving terrain. The healthcare industry is adopting Cloud, Social Media, and Mobile technologies at an unprecedented rate. Although these enabling technologies collectively help drive the point of care anywhere vision and productivity, they also present unique and unanticipated compliance challenges. Our Checklist is intended as a knowledge transfer vehicle that allows you to derive the CSMM compliance solution that works best within your organization. Our Checklist will "walk you through" the relevant sections of the CSMM, highlighting the policies, processes and tracking mechanisms required at a granular level.

Our Checklist is comprised of Checklist Items that have the following components:

1) a policy statement that reflects an organization's intentions: the what;

2) a definition of a process by which the policy is implemented: the how; and

3) suggested tracking mechanism(s) for capturing process results: the measurement.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download 

Model Mobile Policy $49.95 

This Model Mobile Policy ("MPP") reflects best practices for dealing with the compliance challenges presented by mobile devices (phones, pad, latops, etc.). The next few years are going continue to be full of headlines in healthcare journals on the explosion of Mobile Device usage among clinical professionals and the role that these devices continue to play in major PHI data breaches. This Policy is one of a number of policies included in our Cloud, Social Media, and Mobile Checklist as discussed below.

This MMP was derived from our Cloud, Social Media, and Mobile Checklist ("CSMM") which is sold separately. The objectives of our CSMM are to explain cloud, social media and mobile HITECH/HIPAA compliance issues in simple terms, and provide you with model policies (including this one), processes, and tracking mechanisms that help you comply with these emerging challenges. Our CSMM helps you put workable policies and procedures in place that conform to the HITECH Act and HIPAA regulations, as best as practicable for your organization.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download

HIPAA Breach Notification Framework $229.95 

Why do you need a Breach Notification Framework? Look at the Breach Notification Decision Points for the answer to that question.

Section 13402 of the HITECH Act requires that HIPAA covered entities and their business associates provide various notifications following a breach of unsecured protected health information. Our Breach Notification Framework offers guidance for complying with HITECH's Breach Notification requirements. With the Framework, you'll be able to determine when, how and to whom breach notices must be sent and whether your existing plan needs a major overhaul or just a simple adjustment.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download

HIPAA Breach Notification Policy $29.95 

This policy ("Policy") implements section 13402 of the Health Information Technology for Economic and Clinical Health ("HITECH") Act which requires HIPAA covered entities and their business associates to provide notification following a breach of unsecured protected health information. The objective of this Policy is to ensure that your organization fully complies with HITECH's Breach Notification requirements.

The Policy was derived from our Breach Notification Framework which is sold separately. The objective of our Framework is to explain the breach notification regulations in simple terms, and provide your organization with guidelines and tools for implementing, refining and measuring breach notification policies and procedures. This product is also included in our HIPAA Breach Notification Framework as a complementary FREE Gift.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download

Business Associate Agreement Model Contract $179.95 

Why do you even need a Business Associate Agreement?   HIPAA regulations and the HITECH Act mandate that a Covered Entity establish a written contract with a Business Associate in a number of instances, including whenever a Business Associate "manages" Protected Health Information on behalf of a Covered Entity. Our Business Associate Agreement Model Contract is a quick, simple solution for both Covered Entities and Business Associates.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download 

Business Associate-to-Business Associate Model Contract $179.95 

HITECH and HIPAA Compliant - The provisions in our model Business Associate-to-Business Associate Agreement meet the requirements of both HIPAA (including the recent Omnibus Rule changes) and the HITECH Act.

QUICK and EASY - For most small practices/businesses this agreement is a "right out of the box" solution.  You can literally just fill in the blanks on the Business Associate-to-Business Associate Template, print it out and you're ready to go.   REUSE IT - Your business entity/practice can reuse the Business Associate-to-Business Associate Agreement for each and every Business Associate relationship requiring a Business Associate Agreement. 
CUSTOMIZABLE - Even though the Business Associate-to-Business Template was developed to be an "out of the box" solution for small practices and businesses, the supporting annotated documents and user's guide walk you through the contract, identifying potential issues and making suggestions for suitable modifications to the agreement.
KNOW What You're SIGNING - Sooner or later, someone from another practice or business is going to put their version of a Business Associate Agreement in front of you.  Our annotated agreement and user's guide helps you fully understand what you are committing your organization to when you sign on their dotted line.  Moreover, you will be able to better identify any pitfalls or omissions the "other guys" may have in their agreement.
Download it NOW! - As soon as you complete your purchase you will receive an e-mail with instructions for downloading your copy of the Business Associate-to-Business Template and supporting documentation.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download

The HIPAA Frameworks Combo Package $299.95 

This  package includes: (1) HIPAA Breach Notification Framework; (2) Business Associate Agreement; (3) The Security Rule Under HITECH: A Business Associate's Perspective; and (4) the HITECH Breach Notification Policy in an all in one package at considerable savings.

See Details

Return to Cart
Omnibus Rule Ready

3400_HIPAA_Certification_Program_Thumbnail
 Digital Download

HIPAA Certification Program  $795.95

(can be purchased separately or comes with the Subscription Plan)

Our HIPAA Certification Program (HCP ™) comes with 15 courses ("Courses") that cover the breadth and depth of the HIPAA Privacy, Security, and Breach Notification Rules ("Rules"), including specialty courses such as Audit Preparation, Social Media, and Mobile. Our surviving a HIPAA Audit Series of courses provides comprehensive coverage of what you may be asked to produce in a Live Audit or Desk Audit.

Our exam contains over 250 True/False questions drawing and distributed more or less equally from all the Courses. The questions cover all Subparts of the Rules. We recognize 70% or better as a passing score. 

Authority

The courses in our Program were curated and delivered by Carlos Leyva, a nationally renown HIPAA expert. Carlos co-authored the HIPAA Survival Guide and has been delivering HIPAA monthly webinars and an online newsletter for over seven years now. You can view our archive of newsletters here. Since the promulgation of the HITECH Act in 2009, Carlos has taught thousands of students regarding why, as he often says: "This is NOT your Daddy's HIPAA anymore." Carlos presents complex material in a way that is readily understood by lay people. That is the reason that hundreds of individuals attend his webinars every month. Carlos also is active in the HIPAA Survival Guide's LinkedIN Group where HIPAA thought leaders discuss topical issues, from ransomware to dissecting the latest breach.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download

HIPAA Training Modules Combo Package $149.95 

This  package includes: (1) the BREACH NOTIFICATION SIMPLIFIED  Training Module; (2) the HIPAA Privacy Rule Under HITECH  Training Module; (3) the HIPAA Security Rule Under HITECH  Training Module; and (4) the HITECH and HIPAA Compliant  Training Module all in one Combo Package.  

See Details

Return to Cart
Omnibus Rule Ready

Digital Download

HITECH Training Module $49.95 

HITECH and HIPAA Compliant - Our HITECH Training Module gets you up to speed on the changes that have transformed HIPAA from a paper tiger into legislation with real teeth. You get a training video, presentation, and a HITECH Quiz that can be be used to verify HITECH training class attendance within your organization. The training video is well suited for group and/or individual training. In addition, the training material contains live links to the full text of the statute and regulations in order to enhance the educational experience.

QUICK and EASY CUSTOMIZATION - You could spend thousands of dollars developing training in house or pay consultants more to do the same. Our HITECH Training Module provides your organization our files in native format so that you can customize the training to your organizational requirements or use it as is right out-of-the-box.

REUSE IT - Reuse our training materials over and over as you add new members to your workforce.

See Details

Return to Cart
Omnibus Rule Ready
INSERT HERE

HSG-Omnibus-Rule-Training-Module
 Digital Download

Omnibus Rule Training Module $79.95

HIPAA Omnibus Rule Training - Our HIPAA Omnibus Rule Under HITECH Training Module gets you up to speed on how the Omnibus Rule has impacted the HIPAA Rules including changes to: 1) the HIPAA Enforcement Rule; 2) the HIPAA Security Rule; 3) the HIPAA Privacy Rule; and 4) the Breach Notification Rule.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download

HIPAA Privacy Rule Training Module $49.95 

HIPAA Privacy Rule Training - Our HIPAA Privacy Rule Under HITECH Training Module gets you up to speed regarding how the HITECH Act has impacted the HIPAA Privacy Rule and how marketplace trends are impacting it as well.

We walk you through the entirety of the Privacy Rule and discuss the impact that the HITECH Act has had under three major sections: 1) Uses and Disclosures of PHI contained in Sections § 164.502 through § 164.514; 2) the Patient's Bill of Rights contained in Sections § 164.520 through § 164.528; and 3) the Administrative Requirements contained in Section § 164.530.

PACKAGE CONTENTS: You get a training video, presentation, and a Privacy Rule Under HITECH Quiz (and answer key) that can be be used to verify your Privacy Rule Training class attendance within your organization. The training video is well suited for group and/or individual training. In addition, the training material contains live links to the full text of the statute and regulations in order to enhance the educational experience.

QUICK and EASY CUSTOMIZATION - You could spend thousands of dollars developing training in house or pay consultants more to do the same. Our Privacy Rule Training Module provides your organization our files in native format so that you can customize the training to your organizational requirements or use it as is right out-of-the-box.

REUSE IT - Reuse our training materials over and over as you add new members to your workforce.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download

HIPAA Security Rule Training Module $49.95 

HIPAA Security Rule Training - Our HIPAA Security Rule Under HITECH Training Module gets you up to speed regarding how the HITECH Act has impacted the HIPAA Security Rule and how marketplace trends are impacting it as well.

We walk you through the entirety of the Security Rule and discuss the impact that the HITECH Act has had under three major sections: 1) Administrative Safeguards; § 164.308; 2) the Technical Safeguards § 164.312; and 3) the Physical Safeguards § 164.310.

PACKAGE CONTENTS: You get a training video, presentation, and a Security Rule Under HITECH Quiz (and answer key) that can be be used to verify your Security Rule Training class attendance within your organization. The training video is well suited for group and/or individual training. In addition, the training material contains live links to the full text of the statute and regulations in order to enhance the educational experience.

QUICK and EASY CUSTOMIZATION - You could spend thousands of dollars developing training in house or pay consultants more to do the same. Our Security Rule Training Module provides your organization our files in native format so that you can customize the training to your organizational requirements or use it as is right out-of-the-box.

REUSE IT - Reuse our training materials over and over as you add new members to your workforce.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download

Breach Notification Training Module $49.95 

BREACH NOTIFICATION TRAINING - Our HITECH Breach NotificationTraining Module gets you up to speed regarding the 800 pound gorilla of the HITECH Act. We walk you through a methodology for determining when notification is triggered, and how to notify patients, HHS, and prominent media according to applicable law. We also discuss the processes you need to have in place in order to track security incidents effectively in your organization. Finally, we review the Costs of Non-Compliance to ensure that you understand the potential risks your organization faces should a major breach occur.

PACKAGE CONTENTS: You get a training video, presentation, and a HITECH Breach Notification Quiz (and answer key) that can be be used to verify HITECH Breach Notification Training class attendance within your organization. The training video is well suited for group and/or individual training. In addition, the training material contains live links to the full text of the statute and regulations in order to enhance the educational experience.

QUICK and EASY CUSTOMIZATION - You could spend thousands of dollars developing training in house or pay consultants more to do the same. Our HITECH Breach Notification Training Module provides your organization our files in native format so that you can customize the training to your organizational requirements or use it as is right out-of-the-box.

REUSE IT - Reuse our training materials over and over as you add new members to your workforce.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download

HIPAA Business Associates Training Module $49.95 

HIPAA Business Associates Training - Our HIPAA Business Associates Under HITECH Training Module gets you up to speed regarding how the HITECH Act has impacted Business Associates and the implications of these changes with respect to:  1) the HIPAA Security Rule; 2) the HIPAA Privacy Rule; and 3) the Breach Notification Rule.

We walk you through the changing relationship between Business Associates and Covered Entities and how the HITECH Act is having a transformative effect on how these parties work together going forward. We also cover changes to the Business Associate Contract required and otherwise necessitated by the Act.

PACKAGE CONTENTS: You get a training video, presentation, and a Business Associates Under HITECH Quiz (and answer key) that can be be used to verify your Business Associate Training class attendance within your organization. The training video is well suited for group and/or individual training. In addition, the training material contains live links to the full text of the statute and regulations in order to enhance the educational experience.

QUICK and EASY CUSTOMIZATION - You could spend thousands of dollars developing training in house or pay consultants more to do the same. Our Business Associate Training Module provides your organization our files in native format so that you can customize the training to your organizational requirements or use it as is right out-of-the-box.

REUSE IT - Reuse our training materials over and over as you add new members to your workforce.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download

Mobile Devices Training Module $29.95 

Mobile Devices Training - Our Mobile Devices Under HITECH Training Module gets you up to speed on how Mobile Devices have impacted the HIPAA Rules including: 1) the HIPAA Security Rule; 2) the HIPAA Privacy Rule; and 3) the Breach Notification Rule. We walk you through Mobile Device (phones, pads, laptops, etc.) challenges created by locally stored PHI, asset management, bring your own device ("BYOD"), wireless networks and audits, as well as the best practices that help you meet these challenges. It short, we present an overiew of what your mobile compliance initiative ("MDI") should consist of, keeping in mind that most PHI data breaches occur as a result of Mobile Devices.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download

Social Media Training Module $29.95 

Social Media Training - Our Social Media Under HITECH Training Module gets you up to speed regarding how Social Media has impacted the HIPAA Rules including: 1) the HIPAA Security Rule; 2) the HIPAA Privacy Rule; and 3) the Breach Notification Rule. We walk you through Social Media governance, challenges and best practices. We present an overiew of what your Social Media compliance initiative ("SMI") should consist of, keeping in mind that today everyone in your workforce is a potential publisher.

PACKAGE CONTENTS: You get a training video, presentation, and a Social Media Under HITECH Quiz (with answer key) that can be used to verify class attendance within your organization. The training video is well suited for group and/or individual training. In addition, the training materials contain live links to the full text of the statute and regulations in order to enhance the educational experience. Our Social Media training is derived from our HIPAA Cloud, Social Media, and Mobile Checklist under HITECH, which is sold as a separate product.

QUICK and EASY CUSTOMIZATION - You could spend thousands of dollars developing training in house or pay consultants more to do the same. Our Social Media Training Module provides your organization with our files in native format so that you can customize the training to your organizational requirements or use it as is right out-of-the-box.

REUSE IT - Reuse our training materials over and over as you add new members to your workforce.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download

HIPAA Survival Guide Fourth Edition $29.95 

The Fourth Edition of the HIPAA Survival Guide updates the Third Edition of the Guide with the recent Omnibus Rule modifications. The Omnibus Rule modifications are placed contextually throughout the Guide depending on the part of the Rules modified. All regulatory links in the Fourth Edition point to the the Omnibus Rule Ready regulations on the HIPAA Survival Guide website.

The Fourth Edition also comes with a rigorous and detailed summary of the HHS Omnibus Rule. The summary reduces the 500 pages contained in the Rule to a manageable number of pages, providing you only the essence of what was modified. In short, "news you can use."

The HITECH Act has indeed proven to be transformational. The Fourth Edition of the Guide is foundational to your understanding of the Rules going forward. Accept no substitute.

See Details

Return to Cart
Omnibus Rule Ready

Digital Download

The Security Rule : A Business Associate's Perspective $29.95 

The most important step for building a "good Security Rule compliance story" is for the business associate to get started. The approach recommended herein is to build the story iteratively over time. Most business associates (large or small) will likely need help in creating the story. Getting started in the wrong direction initially could be far more costly in the long run, since much of the compliance budget may simply be wasted. The framework discussed throughout this document provides a good road map to follow.

See Details

Return to Cart
Omnibus Rule Ready