HIPAA Compliance

HIPAA Policies & Procedures Manual

Tailored for Your Medical Practice

Your Policies and Procedures will be:

Customized to your Practice
Shipped to you in a 3-ring binder, with a CD for your
         print and website needs
In your hands in just a few days all for only $450, plus
         tax, shipping and handling


It’s not enough to just have Policies and Procedures. Every member of your Practice’s “workforce” (defined as Physicians, other providers, full-time and part-time staff, as well as temporary workers and volunteers) needs to be trained. Face-to-face Group Training sessions are difficult to schedule and ensure everyone does attend. Our Online Training is entertaining and informative, and available to every person in your workforce when it's convenient for them.


Order your Online Training today and receive:

E-mail “access keys” for each member of your workforce
A log of who took the training
Access to the 1-hour training
15-minute test of the information
Certificates for all employees who complete the training

HIPAA Security Risk Assessment

Have you conducted an IT Security Review recently?

If your answer is NO, you could be open to substantial penalties and fines.

Provide Security Risk Assessment for your Practice

Patient confidentiality and record security is an important concern for every practice with the latest HIPAA laws in place and the compliance reviews being conducted at physician's practices. It's important for every practice to have a Policies and Procedures, trained staff, and a Security Officer who regularly monitors the risks associated with the HIPAA requirements.

Physicians' Ally Has the HIPAA Solution

Our HIPAA Security Experts will walk your Practice through a detailed, customized HIPAA Security Risk Assessment.  The final product will be an additional HIPAA Security Compliance Policies and Procedure Manual for a project fee of $2,500.  The new manual would contain a complete Risk Analysis, Identification of Threats, Magnitude of Risk, and Gap Analysis that addresses the HIPAA-required risk analysis (45 CFR § 164.308 Administrative safeguards, 45 CFR § 164.310 Physical safeguards, 45 CFR § 164.312 Technical safeguards).  

What Does a HIPAA Security Risk Assessment Entail?

We begin the project with an (estimated) 3-hour client ‘interview,’ in which we gather the salient information on the practice’s current IT set-up. Through use of an extensive audit tool, we streamline the client interview process. 

Based on the Practice’s unique areas of exposure, Physicians’ Ally, Inc.’s team researches solutions to any identified Security Risk exposure. Physicians’ Ally, Inc. creates necessary Policies and Procedures and identifies recommendations for staff training and future areas of attention by the Practice.  Examples of some policies and procedures generated for other clients in the past are: 

Sample of Administrative Safeguard Policies and Procedures:

Data Backup Plan 
Disaster Recovery Plan 
Information System Activity Review 

Sample of Physical Safeguard Policies and Procedures:

Workstation Security 
Document Disposal 
Media Re-Use 

Sample of Technical Safeguard Policies and Procedures: 

Unique User Identification 
Emergency Access Procedure 

The project engagement will wrap-up with a 1-hour (estimated) meeting with the Client at which work products will be presented, discussed and delivered.  Work products include a hard-copy or flash drive version of the new HIPAA Security Manual and recommendations for next steps.  

Ongoing client work can continue beyond the project under an hourly Consulting Agreement.