If you arrived at this site you are probably looking for assistance with constructing your HIPAA compliance program.

Let us help you unravel the confusing world of HIPAA with our accurate, fast, easy, inexpensive products or services that have helped so many others like Dr. Owens:

Dr. Ty:

I have great news today about our prepared response, relative to the random audit, for which I was chosen: I received a letter today that I have met the meaningful use criteria and passed the audit, for the HIPAA risk analysis, et al… and I will get my check after all! Wow this is great news!

I want to thank you for your help in resolving this issue without me having a nervous breakdown! I hate this for the other Docs that are/will go through this- it is so unexpected when that notice arrives that you are going to be audited and it might mean you don’t get your check or worse, they might take back money they already gave you!

I encourage all Docs to follow your program, before they get a demand for their HIPAA compliant risk analysis, because, although one never knows what the government will accept, your program takes the guesswork out of the equation!

Dr. Pam Owens

  • First, do you have an ongoing, active, monthly updated HIPAA compliance program? No one can ever be 100% compliant, so you have to do as much as you can. A HIPAA compliance program must be ACTIVE; a book or manual on a shelf is worthless. Experts disagree, attorneys disagree and even court cases are fought over the interpretation of the laws and what constitutes adequate compliance. Do MORE, not LESS.
  • Second, do you have all the security rules covered and especially a detailed risk analysis performed and documented? Enforcement is on the rise. Recently there have been reports of CMS demanding to see a copy of doctors' HIPAA Risk Analysis (one of the many requirements under the HIPAA SECURITY RULES) prior to sending a check for Meaningful Use post attestation. There have also been reports of CMS saying to doctors that they are going to TAKE BACK meaningful use checks, already issued, unless supplied with an adequate HIPAA Risk Analysis!
  • Third, have you changed policies, procedures and documents relative to the new Omnibus Rules that went into effect September 23, 2013? If you are not passing out the correct, revised Notice of Patient Privacy Policy (one of the many requirements under the HIPAA PRIVACY rules) to all NEW patients, are not getting a signed acknowledgement, are not using the correct Business Associate Confidentiality Contracts or are not following the new rules for EHR/EMR users, you are NOT in compliance, and those rules were set to increase enforcement upon those areas that are considered ‘problem areas’. OCR and CMS have said they are going to enforce; we have prepared for it and now it is here. Are you ready?
  • Fourth, do you understand willful neglect? It is defined as the doctor NOT doing what they knew or SHOULD HAVE KNOWN was required. If you have a complaint and you fall under the ‘willful neglect’ category, then your fines start at a minimum of $50,000.00 and can go up to 250k with the cap being 1.5 million, in some instances.

Our New Flagship Product:

The HIPAA Survival Kit

 Consists of:

  •  A step-by-step workbook
  •  A CD for each chapter (Read, listen or both)
  • A Forms CD, for creating customizable forms and documents
  • A three ring binder to build your HIPAA manual as you go
  • A CD recording of the required annual in-service for privacy and security rule training, to meet requirements. (Many think this one CD, alone, makes the system worth it! Your team can sign an attendance sheet [to go in your HIPAA compliance manual], listen and be done. Then when you hire new people, throughout the year, they can listen without you having to do the whole training live just for them. It also comes on the Forms CD if you wish to deliver it live. There are certain rules that pertain to ongoing education as well.)

This program is a step-by-step, easily understandable approach that nearly any support staff can implement. Questions regarding following the system (for those who start at the beginning and walk through a step at a time) are rare. I am glad to answer any quick question you have. In rare cases where consulting services are desired, they are available for an hourly fee. Once a system is in place it only takes a few hours per quarter of the year to keep it updated, in most practices.

Workbook Table of Contents

Chapter 1

Compliance Manual Index

Audit Schedule

Compliance Officer, Job Description, Compliance Officer Posting, Filing a complaint, Policy and Procedure

HIPAA Annual In-service

Employee Confidentiality, Omnibus Rule: Business Associate Contract

Omnibus Rule: Notice of Patient Privacy Policy

Recommended Forms with Mandated Topics Covered, Policies & Procedures for all HIPAA Topics

Chapter 2

Recommended ABN Audit to Assist with Medicare Compliance (Bonus)

Form, Instructions, ABN Audit Tool, Corrective Action Form, Policies & Procedures for Topics of Chapter 2

Chapter 3

Recommended Clinical File Audit to Assist with Documentation Compliance (Bonus), Clinical File Audit Tool, Corrective Action Form

Chapter 4

Recommended Claim Denial Audit to Assist with Filing Disputes & Collections (Bonus), Claim Denial Audit Tool, Corrective Action

Chapter 5

New Omnibus rules requirements relative to EHR/EMR system users

Chapter 6

Security rules overview

Chapter 7

Constructing your Annual in-service presentation for Security rules

Chapter 8

Required Risk analysis/evaluation

Chapter 9

In the case of natural or man-made disaster

Chapter 10


Chapter 11

Education, testing and evaluation


Retail Price = Only $549.00!

$489 if purchased at the website or by faxing/emailing the order form from this website. (Save $60.00)


Remember to fill out where you heard about us as we have special pricing for members of certain state associations!

Also available:

Onsite installation of your HIPAA program. Starts at $4000.00 plus expenses, call for details.

Individualized phone consulting, $250.00 per hour.

For returning customers who purchased our original HIPAA ‘Tool Kit’

 (Covered HIPAA Privacy Rules only) 


There have been two updates that are necessary.

One: The Omnibus Rules Update. 

Two: The Security Rules Update (also includes HIPAA risk analysis, mandatory for Meaningful Use). 

If you are a past customer of the TOOL KIT, appearing in our invoice records, your total cost for the entire new HIPAA Survival Kit is dramatically discounted!! You get the Omnibus Updates, Privacy Rule updates, Security Rule Updates, new forms and bonus audits!! We want you as happy and safe as possible. Please contact us for pricing.





But first: We say goodbye to Martha McKinney, who is no longer with HIPAA Compliance Services. We wish her well! Please immediately replace her cell phone, 214-437-1048, with 214-437-7559 for HIPAA Compliance Services. Calling her number or leaving a message at that number will result in no returned call, and we are making every effort to improve customer service vs. slow it down. We want to hear from you. Thank You!
There is much new case law, interpretation, misunderstanding and overlap of rules, including some ‘bleed over’ between privacy and security as well.
IF YOU ONLY HAVE OUR ORIGINAL TRAINING MANUAL AND DO NOT HAVE OUR OMNIBUS RULE UPDATE then you are noncompliant with the new rules for the new enforceable privacy policy you are required to give to every new patient, the new business associate contract requirements (that help protect YOU from enforcement), plus the new EHR security privacy requirements, and these updates. Even if you have or now purchase the OMNIBUS RULE UPDATE (effective September, 2013) you need to pay attention to these updates since they supersede some publications, depending on date written!
Minor: The Business Associate Confidentiality Statement is more accurately called the Business Associate Confidentiality Contract. Also, a non-employee confidentiality statement is not needed. It is held that cleaning people, repair people, etc. fall under ‘incidental/accidental’ exposure and the only HIPAA requirement is to take steps to mitigate those exposures and document such.
Important: Clinical file, claims denial and ABN audits are extremely important to your clinic and assist in satisfying the tenet that “HIPAA is the floor, not ceiling of clinical compliance” and that more should be done above and beyond meeting the basic standard. These audits are highly recommended, but not REQUIRED by HIPAA.
CRITICAL: You must GIVE a copy of your NEW Notice of Patient Privacy Policy to all NEW patients and get a receipt of acknowledgment from them. This ‘acknowledgement’ can be a sentence added to your “Consent to use PHI” that says, “I have received a copy of the Notice of Patient Privacy Policy”.
