For years, I have been helping covered entities, business associates and downstream contractors understand HIPAA and other federal and state health care data privacy and security laws and regulations, and develop and maintain policies and procedures that will help them comply with the law. These businesses range from startups with consumer-facing or health care provider-facing apps and web-based services, to big data analytics shops to health care providers of all sorts. Now that OCR — the federal HIPAA policeman — is enforcing the HIPAA / HITECH omnibus rule through random audits, complaint investigations and sanctions, it is more important than ever for covered entities, business associates and downstream contractors to maintain a robust HIPAA compliance program. HIPAA enforcement efforts will likely be stepped up in 2014 (see the November 2013 OIG report on OCR's enforcement efforts, and OCR's response including its plans for the future.) 

The Harlow Group is pleased to announce the first of a number of HIPAA-related partnerships with … The HIPAA Survival Guide. (Keep reading for discount information.)

The HIPAA Survival Guide is a subscription publication that includes a HIPAA compliance toolkit (policies, explanations, training videos, checklists, etc.) that allows me to provide comprehensive HIPAA compliance planning and advisory services to subscribers at reasonable rates.

For the DIY crowd, there is a wealth of information in the guide that could help you go it alone, but I would recommend that you consider that you work with me for more comprehensive, and more individually-tailored documentation and services that track your organization's operations and applicable state requirements. Your subscription will enable me to offer a comprehensive set of services at a lower price point.

Please contact me for 10% off the first year's subscription fee.

Among other things, the Guide includes detailed instructions and templates for use in conducting a HIPAA Security Risk Analysis.

If, however, you would prefer to contract out that annual analysis, please fill out the form below for a link to another partner that will provide a tailored HIPAA Risk Analysis and related services. Again, I am available to further customize the off-the-shelf security solutions to your specific situation, taking into account local law, types of information stored, etc.

If you have any questions, please contact me.

David Harlow
The Harlow Group LLC
Health Care Law and Consulting