Centra State Healthcare System
AtlantiCare Healthcare
Greater New York Hospital Association
Christian Health Care Center
St. Joseph's Healthcare System
Hackensack UMC Palisades

At ComplyAssistant, we offer governance, risk, and compliance software, consulting and service solutions to organizations of all sizes. Designed to help you organize and manage complex security and compliance processes, our software and companion consulting services will help you be more efficient.

GRC Software

Our risk management and healthcare compliance software can help you meet your compliance and security needs.

compliance management software mobile audit application

Healthcare Compliance Consulting

We focus on information security audits to cover all control standards, identify gaps and deliver a holistic risk mitigation roadmap.

  • Our healthcare compliance consultants are seasoned subject matter experts who provide unbiased reviews.

  • We perform both internal and external risk assessments and security audits.

  • All audit results are delivered in our compliance management software portal, not in a spreadsheet.

  • Our consultants provide a directive action plan as part of your roadmap.

consulting with compliance management software

Solutions for MSPs

Managed service providers (MSPs) use our compliance management software to provide general IT and HIPAA services to their clients.

  • Easily manage a high volume of client audits with a structured tool.

  • Administer third-party risk management programs.

  • Manage your clients by exception with extensive filters, automated alerts and notifications.

  • Provide clients with secure access to their own documents and reports.

compliance management software business associate management
compliance management software client deliverables
Cape Regional Health System

"ComplyAssistant’s cloud-based software solution allowed us to efficiently and effectively manage the entire compliance process, from assessment development and distribution through management of action items." --CIO

See ComplyAssistant’s GRC software in action. Schedule a demo

Free Tools

HIPAA Business Associate Agreement Template
Free

This is a HIPAA Business Associate Agreement / Contract Addendum template for the requirements of the HITECH Act of 2009 in Microsoft Word format. Use it as a starting point and customize to meet the requirements for your business associates agreements.

HIPAA Privacy and Security Proactive Audits Tool Kit
Free

Contains recommended HIPAA Privacy and Security audits that your organization should consider implementing for policies & procedures, proactive information system activity review, and facility walk throughs.

HIPAA Facility Security Walkthrough Checklist
Free

Excellent guidance for auditing facilities that contain protected health information. Simply check the boxes and write notes as you conduct your walk-through audit.

Tips

Protecting Health Information In The COVID-19 Era

Even prior to the COVID-19 pandemic, ransomware attacks were on the rise. “COVID has simply increased risk of attacks due to more locations with a remote workforce, [protected health information] through telehealth, more phishing attacks, more opportunities that hackers like to take advantage of.”

Sharing Patient Information: Pros, Cons and Implications

The news late last year around Project Nightingale aroused interest from both healthcare organizations and the public on how and when protected health information (PHI) should be shared. With new technologies, new entrants to the healthcare market, how can healthcare providers balance HIPAA, cybersecurity protections, and the need to easily share data to improve patient care?

Keeping Networks Secure In The Age Of Telecommuting

Though telecommuting was on already on the rise at a rate of 2-3% per year, the COVID-19 pandemic required healthcare organizations to re-evaluate work from home policies and quickly enable a remote workforce. But, in the midst of a pandemic, when you have to act as quickly as possible, how do you also make sure your networks and operations are still protected?

Updates

Is Meaningful Use Still Meaningful?

Originally designed as part of HITECH to encourage providers to adopt electronic health records (EHRs), meaningful use was a means to an end – towards improved population health and better patient care among fragmented providers. The program prioritized five pillars of health outcomes:

GDPR Impact on U.S. Healthcare Organizations

The General Data Protection Regulation (GDPR) is the European Union (EU) regulation on privacy and security of personally identifiable information (PII). It goes into effect on May 25, 2018. This blog provides an important comparison between GDPR and HIPAA.

Third Party (BA) Contract and Privacy and Security Risk Management

The HITECH-OMNIBUS final rule stepped up the requirements and for both CEs and BAs and both must now include the new requirements in their information privacy and security risk analysis and management program.

Heard the term "GRC" but not quite sure what it means or how it relates to healthcare?

Download this infographic for the top '5 Things You Should Know About GRC'

grc infographic banner