ComplyAssistant offers GRC software and healthcare cybersecurity services to organizations of all sizes. We designed our software and companion cybersecurity services to help you organize and manage complex security and compliance processes making you more efficient.
Heard the term "GRC" but not quite sure what it means or how it relates to healthcare?
Download this infographic for the top '5 Things You Should Know About GRC'
GRC Software
Our risk management and healthcare compliance software can help you meet your compliance and security needs.
-
Manage information security frameworks such as HIPAA, HICP, HITRUST, and NIST.
-
Manage any federal, state and local compliance regulation.
-
Manage a high volume of third-party vendor risk management programs
-
Manage by exception with filtering, alerts and notifications – all in a simple user interface.
-
Mobilize your audit teams with our mobile application free trial.
-
Assess threats and controls across your entire organization with the risk register.
Healthcare Cybersecurity Services
We focus on virtual CISO services to cover all control standards (e.g. HICP, HIPAA etc.), identify gaps, and deliver a holistic risk mitigation roadmap.
-
Our healthcare cybersecurity consultants are seasoned subject matter experts who provide unbiased reviews.
-
We perform both internal security audits and vendor risk management services.
-
All audit results are delivered in our compliance management software portal, not in a spreadsheet.
-
Our consultants provide a directive action plan as part of your roadmap.
White Label GRC Software
Managed service providers (MSPs) and Managed Security Service Providers (MSSPs) use our compliance management software to provide general IT and HIPAA services to their clients.
-
Easily manage a high volume of client audits with a structured tool.
-
Administer third-party vendor risk management programs.
-
Manage your clients by exception with extensive filters, automated alerts and notifications.
-
Provide clients with secure access to their own documents and reports.
"ComplyAssistant’s cloud-based software solution allowed us to efficiently and effectively manage the entire compliance process, from assessment development and distribution through management of action items." --CIO
Featured Press
ComplyAssistant Partners to Offer PriSec Boot Camp to Help Prevent Information Losses and CyberattacksJust as we tell our clients that privacy and security is everyone’s responsibility, we also believe it’s our responsibility to help educate the industry about best practices for protecting critical data and infrastructure. To that end, ComplyAssistant has partnered with industry-leading companies to produce the PriSec Boot Camp. To help prepare professionals at all levels—from […]
ComplyAssistant to speak on preparing an organization’s downtime plan past 72 hours at the NJ HIMSS and NJ HFMA Fall ConferencesGerry Blass (President & CEO, ComplyAssistant), Rick Lang (Vice President and CIO, Doylestown Health System), Jim Cavanagh (Principal Consultant, Executive Healthcare Consulting), and John Hueter (Chief Executive Officer, Digital Health Consulting, LLC) are scheduled to speak at the New Jersey Delaware Valley 2022 Fall Conference on October 13, 2022 and the New Jersey & Metro Philadelphia HFMA Annual […]
ComplyAssistant to speak on strategies and tactics for health care organizations to consider for reducing cybersecurity risks at the NJ HFMA Annual InstituteGerry Blass, President & CEO, ComplyAssistant, and Francois Bodhuin, Technology Director and CISO, Inspira Health are scheduled to speak at the New Jersey & Metro Philadelphia HFMA Annual Institute on October 26, 2022. A summary of their presentation can be found below. If you would like to register for the event, click here for more information. Gerry […]
Free Tools
HIPAA Business Associate Agreement TemplateFree
This free tool is a HIPAA Business Associate Agreement / Contract Addendum template for the requirements of the HITECH Act of 2009 and Omnibus Final Rule 2013 in Microsoft Word format. Use it as a starting point and customize it to meet the requirements for your business associate agreements. For continued due diligence of third parties, consider vendor risk management software or vendor risk management services to evaluate their security position.
HIPAA Privacy and Security Proactive Audits Tool KitFree
Contains recommended HIPAA Privacy and Security audits that your organization should consider implementing for policies & procedures, proactive information system activity review, and facility walkthroughs.
HIPAA Facility Security Walkthrough ChecklistFree
Excellent guidance for auditing facilities that contain protected health information. Simply check the boxes and write notes as you conduct your walk-through audit.
Tips
Cybersecurity Risk Prevention in 2023: Three Gaps to CloseHealth care investments in privacy and security are set to explode in the wake of ongoing cyberattacks and rising risk. Know the three most important risk areas to fortify and be prepared for the 2023 surge.
Are You Vulnerable? Dig into HIPAA Risk Assessment and Risk ManagementCybersecurity threats in healthcare have posed serious risks and challenges for years. As a result, the government recognized the need to regulate access to electronic protected health information, or ePHI. The Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act were designed and implemented as national standards for the privacy of protected health information, the security of ePHI, and breach notification to consumers. These rules include risk assessment and risk management by covered entities.
HIPAA Audits: The Importance of Preparing and the Significance of ComplianceThe use of health information technology becomes more prevalent in healthcare every day. As with most things, this presents pros and cons. New technologies offer opportunities and benefits for consumers, but they also present risks to consumer privacy
Updates
GRC Software Update: A Guide to Our Latest Frameworks and FeaturesAn organization’s approach to governance, risk, and compliance can have a huge effect on business. In today’s world of cyber breaches and ransomware attacks on companies of all sizes and scope, organizational leaders must work together to ensure their approach to GRC is intact.
The Evolution of Risk to PHI and Patient SafetyIn the 70s and 80s, healthcare organizations started to migrate their patient management information from hard copy to electronic, either on shared mainframes such as SMS and McAuto or on microprocessors. The user workstations had no intelligence and were known as “dumb terminals.” There were limited locations of electronic identifiable health information. There was no motivation to sell identifiable health information.
Information Blocking and the Future of Patient Care: Breaking Down the 8 ExceptionsPresident and CEO Gerry Blass sat down with Journal of AHIMA senior editor Mary Butler on a recent episode of the Hi Pitch Podcast to talk about the 21st Century Cures Act Information Blocking Final Rule and the eight information blocking exceptions. Blass was joined by attorney Helen Oscislawski, who spoke to the challenges her clients have faced as they prepare to comply with the rule, which goes into effect on April 5th.