Compliance Manifesto

  3600_Compliance_Manifesto_Thumb  Digital Download 
Add to Cart$29.95

Omnibus Rule Ready

We have educated thousands of stakeholders on the HIPAA Rules ("Rules") through our monthly webinars and newsletters during the past seven years. We intend to educate many thousands more in the years to come. During that time our own understanding of the Rules has also increased dramatically from our interaction with the marketplace.

Through this collaborative effort a great many insights have been added to the HIPAA compliance lexicon. These insights and lessons learned apply not only to HIPAA, but to any compliance regime you can think of. Therefore, the manifesto (“Manifesto”) provided herein has wide applicability across industries and subject matter domains. For example, both the Compliance Equation™  and the Compliance Stack™ have been derived as a result of this interaction.

Compliance stack graphicOur Subscription Plan, in addition to Expresso® and a host of products, comes with a comprehensive methodology based on NIST's Cybersecurity Framework and our Agile Methodology. Our Compliance Manifesto™ reflects our compliance thought leadership providing overarching first principles that help our customers formulate and implement a culture of compliance.

Our Manifesto provides a framework for how organizations should think about their compliance initiative with the objective of changing their organization's compliance DNA. The necessity for rethinking compliance across all subject matter domains is fast becoming a national security imperative.

The discipline of regulatory compliance must transform itself from the current perception of being a necessary evil, to being a critical component of how value is delivered to the customer.  

Compliance equation

Going forward we anticipate the need for many more compliance professionals across a wide array of disciplines. This remains true despite  any administration's desire to reduce regulations. The Compliance Equation™ (depicted by the graphic to the left) is found in many of our products as an example of three things that a stakeholder needs to have for each compliance requirement, to wit: (1) a Policy; (2) a Process that underpins the Policy; and (3) the ability to track Process Results. If you have all 3 things for a respective requirement, then you have visible, demonstrable evidence ("VDE") for that requirement. If you have VDE for all requirements in a given compliance regime, then  you are, by definition, compliant with that regime. There is simply no way that cybersecurity compliance regimes (e.g. similar to HIPAA and GDPR) are going to disappear any time soon. In fact, they are likely to grow in importance as we  continue to embrace the 24/7 online world that we all now inhabit.

Regulations are how we apply normative principles to the intractable problems that we confront (e.g. on Wall Street, the environment, in healthcare, the law, government, etc.). Show me a Nation, State, City and/or Community that does not self-regulate and I will show a body politic that is drifting into chaos.

It is not a question of having more or less regulations but rather smarter and more just regulations.  It should go without saying that people of good conscious everywhere do not want to leave a world ruled by anarchy for their children and grandchildren.

The little anarchy that we have experienced in the past fifty years pales in comparison to what may ensue if we do not find a way to regulate the unsustainable paths that we are now embarked upon vis-a-vis lack of cybersecurity protection.



As a Healthcare Technology vendor we found ourselves with little direction attempting to learn and comply with HIPAA and HITECH regulations. The overhead of learning and implementing needed policies and procedures was so detrimental to our internal efficiency and service delivery that we had to discontinue service for a major share of our client base just to concentrate on HIPAA regulations. We have since found the HIPAA Survival Guide and signed up for their Subscription Plan. With the help and guidance provided by HSG, we have now returned our focus to what we do best. In the past 6 months our company has increased knowledge, literature, and direction as well as record revenue by 421%. Thank You HSG, we couldn’t have done it without you!” -Wiles Tech    See More Testimonials...