Loading images...

HIPAA Privacy & Security Compliance

At Apgar & Associates, we provide expert HIPAA privacy, information security, HITECH and regulatory compliance consulting services to health plans, physician group practices, clinics and hospitals and the vendors (business associates) that support them. We also work across sectors (healthcare, financial) to provide consulting services that include privacy risk assessments, security risk analyses and incident response plan development and testing.

Our nationwide compliance clients range from Oregon Medical Association (OMA) members in our own backyard of Oregon, to a global healthcare technology company based in sunny Arizona, and a top-ranking hospital in the Alabama’s fast-growing medical hub. Our experience is that no matter where in the U.S. you’re based, HIPAA and HITECH compliance are at the top of your mind.

Apgar & Associates particularly notes two key privacy and security program hot buttons we take care of for our clients:

Risk Assessments

The risk assessment is the cornerstone of your ability to comply with HIPAA privacy, security and data breach notification regulations. If you don’t know where your risk is, you can’t fix it. After the risk assessment, we take the findings and turn them into an implementable Risk Management Plan.

Incident Response Plans & Testing

Do you know who to call when you have a data breach and patient PHI is suddenly not-so-private? We design, test and implement your organization’s Incident Response Plan so you avoid being the OCR’s next poster child.

For a decade, Apgar & Associates HIPAA privacy & security compliance consulting has supported covered entities and business associates in our home state of Oregon and nationwide. We stay on top of the latest and greatest HIPAA and HITECH nuances, track the laser focus of the OCR, CMS, ONC and the OIG, and build useful tools (like our Privacy & Security Policy & Procedure Manuals) for busy Compliance Officers.

Apgar & Associates creates practical HIPAA privacy and security compliance consultative solutions. The laws are complex enough; our job is to help CxOs, practice managers, physicians, privacy and security officers, and entrepreneurial business associates meet and maintain compliance with HIPAA, HITECH and their associated codes and regulatory requirements in a straightforward manner with minimum hassle.

Contact Apgar & Associates for HIPAA Privacy & Security Compliance services that include:

  • Risk Assessments & Security Risk Analysis
  • Incident Response Plans & Testing
  • Mock OCR HIPAA Audits
  • Privacy & Security Compliance Assessments, Audits and Solutions
  • Outsourced Privacy & Security Compliance Officer
  • Privacy & Security Gap Analysis & Mitigation Planning
  • Privacy & Security Training
  • Policy, Procedure and Process Evaluation, Development and Customization

hipaa privacy & security complianceAdditionally, Chris Apgar, CISSP, CEO, is a frequent educator and panelist for OMA, HCCA and other industry-leading organizations. Chris is also available as an expert witness and columnist. For all of your privacy and security compliance consulting needs, call the HIPAA experts at Apgar & Associates: 503-384-2538.


Westlaw Round Table Group Expert Witnesses



Mailing & Office Address

Apgar and Associates, LLC
P.O. Box 80278
Portland, OR 97280
p 503-384-2538
p 877-376-1981




7100 SW Hampton St.
Suite 137
Tigard, OR 97233

Upcoming Events
11:00 am Healthcare Security and Complian... @ HealthData Management Webinar
Healthcare Security and Complian... @ HealthData Management Webinar
Aug 13 @ 11:00 am – 12:00 pm
How can healthcare organizations create a competent plan to respond to new security events? Can we improve security processes without “locking down” the organization? Attend this session to learn how the twin requirements of healthcare[...]
10:00 am Risk Analysis Simplified – Meeti... @ HCCA Webinar
Risk Analysis Simplified – Meeti... @ HCCA Webinar
Sep 15 @ 10:00 am – 11:00 am
Chris Apgar, CISSP, CEO of Apgar & Assoc, LLCHIPAA requirements, Meaningful Use and what constitutes a “compliant” risk analysis or assessmentStep-by-step – How to conduct a risk analysis including take away tools to assist in[...]
3:20 pm OMGMA Fall Conference Breakout S... @ Hilton Eugene
OMGMA Fall Conference Breakout S... @ Hilton Eugene
Sep 17 @ 3:20 pm – 4:20 pm
The annual Fall meeting of the Oregon Medical Group Management Association runs 9/16 – 9/18 and is a highly anticipated event by practice administrators throughout Oregon. The meeting is of the highest educational quality, featuring[...]

View Calendar

Subscribe To Our Newsletter  HERE


"AIS has worked with Chris Apgar regularly on HIPAA privacy and security issues for more than 10 years and our experiences with Chris, in every instance, have been outstanding. He is incredibly knowledgeable, very responsive, and a true pleasure to work with, in every respect."

Richard Biehl, Publisher
Atlantic Information Services, Inc.