Iron Comet Consulting, Inc.

HIPAA Compliance Consulting

Are you confused and overwhelmed by HIPAA?

HIPAA is a complex set of regulations, and there are a lot of misconceptions about what they contain. Here are some common myths:

      ●  If I use a cloud-based EMR, then I am compliant

      ●  I don’t need a firewall

      ●  Training is just needed once per year

      ●  Since encryption is addressable, that means that I don’t need to do it

      ●  I don’t have to worry about ransomware

      ●  My IT people say they don’t need a Business Associate Agreement with me

      ●  I use Gmail so I am compliant

      ●  Risk Assessments are only needed if there is an issue

      ●  I don’t have the budget for this so HIPAA will understand

      ●  I use a cloud-based EMR so I don’t need a server

      ●  I use Mac so I am compliant

      ●  Free anti-virus software is good enough to protect me

      ●  I lease out part of my office to another practice, so it’s OK for us to share the same network and internet


Any of these assumptions could land a practice in serious trouble.

Iron Comet is here to help. We understand HIPAA and will make sure that you fully understand what you need to do to be compliant. We cut through all the myths and misunderstandings to create a program that is tailored to your specific situation, keeping your practice compliant and secure while running efficiently.

We have been specifically trained and have certifications related to HIPAA and IT for the healthcare industry.

Our HIPAA consulting service can help you understand your obligations under the law to protect patient data. You don’t need to be afraid or worried when it comes to HIPAA.

FREE HIPAA Risk Assessment

The best place to start is with your HIPAA-mandated Risk Assessment. This process identifies any potential areas that your practice may need to address for compliance. It is a required element under HIPAA regulations. We offer a FREE Risk Assessment that will outline the current issues your practice may have concerning its HIPAA compliance. Risk Assessments are also required each year, at minimum, under HIPAA regulations. However, a new Risk Assessment is also required any time something fairly large changes in your practice, such as a new internet service provider, a new server, or a new EMR product.

If you need your Risk Assessment or are concerned about your practice’s compliance or security, get your FREE HIPAA Risk Assessment by clicking here or calling us at 770-506-4383.