Loading images...

HIPAA Privacy & Security Compliance

At Apgar & Associates, we provide expert HIPAA privacy, information security, HITECH and regulatory compliance consulting services to health plans, physician group practices, clinics and hospitals and the vendors (business associates) that support them.

Our nationwide compliance clients range from Oregon Medical Association (OMA) members in our own backyard of Oregon, to a global healthcare technology company based in sunny Arizona, and a top-ranking hospital in the Alabama’s fast-growing medical hub. Our experience is that no matter where in the U.S. you’re based, HIPAA and HITECH compliance are at the top of your mind.

Apgar & Associates particularly notes two key privacy and security program hot buttons we take care of for our clients:

Risk Assessments

The risk assessment is the cornerstone of your ability to comply with HIPAA privacy, security and data breach notification regulations. If you don’t know where your risk is, you can’t fix it. After the risk assessment, we take the findings and turn them into an implementable Risk Management Plan.

Incident Response Plans & Testing

Do you know who to call when you have a data breach and patient PHI is suddenly not-so-private? We design, test and implement your organization’s Incident Response Plan so you avoid being the OCR’s next poster child.

For a decade, Apgar & Associates HIPAA privacy & security compliance consulting has supported covered entities and business associates in our home state of Oregon and nationwide. We stay on top of the latest and greatest HIPAA and HITECH nuances, track the laser focus of the OCR, CMS, ONC and the OIG, and build useful tools (like our Privacy & Security Policy & Procedure Manuals) for busy Compliance Officers.

Apgar & Associates creates practical HIPAA privacy and security compliance consultative solutions. The laws are complex enough; our job is to help CxOs, practice managers, physicians, privacy and security officers, and entrepreneurial business associates meet and maintain compliance with HIPAA, HITECH and their associated codes and regulatory requirements in a straightforward manner with minimum hassle.

Contact Apgar & Associates for HIPAA Privacy & Security Compliance services that include:

  • Risk Assessments & Security Risk Analysis
  • Incident Response Plans & Testing
  • Mock OCR HIPAA Audits
  • Privacy & Security Compliance Assessments, Audits and Solutions
  • Outsourced Privacy & Security Compliance Officer
  • Privacy & Security Gap Analysis & Mitigation Planning
  • Privacy & Security Training
  • Policy, Procedure and Process Evaluation, Development and Customization

hipaa privacy & security complianceAdditionally, Chris Apgar, CISSP, CEO, is a frequent educator and panelist for OMA, HCCA and other industry-leading organizations. Chris is also available as an expert witness and columnist. For all of your privacy and security compliance consulting needs, call the HIPAA experts at Apgar & Associates: 503-384-2538.


Westlaw Round Table Group Expert Witnesses



Mailing Address

Apgar and Associates, LLC
P.O. Box 80278
Portland, OR 97280
p 503-384-2538
p 877-376-1981



7100 SW Hampton St.
Suite 137
Tigard, OR 97233

Upcoming Events
10:00 am HCCA Webinar: It’s In The Cloud ... @ HCCA Webinar | Web Conference
HCCA Webinar: It’s In The Cloud ... @ HCCA Webinar | Web Conference
Feb 5 @ 10:00 am – 11:00 am
HCCA Webinar by Chris Apgar (time shown is PST) Learning Objectives Upon completion, participants will be able to increase their understanding of the trends in the cloud computing world. Upon completion, participants will be able[...]
all-day HCCA Regional Conference: Portland @ Embassy Suites Portland Airport
HCCA Regional Conference: Portland @ Embassy Suites Portland Airport
Feb 13 all-day
Come by the Apgar & Associates booth at the HCCA Regional Conference! The day-long Portland conference promises to be content-rich: Topics Covered: Provider based compliance concerns Meaningful Use Physician Sunshine Act (now – Open Payments[...]
10:00 am HCCA Webinar: A Practical Guide ... @ HCCA Webinar | Web Conference
HCCA Webinar: A Practical Guide ... @ HCCA Webinar | Web Conference
Feb 18 @ 10:00 am – 11:00 am
HCCA Webinar by Chris Apgar, CISSP & a DataMotion Health IT Strategist (time shown of 10a – 11a is PST) Main points covered: How to get started – assessing your risk What your options are[...]
all-day HIMSS Privacy & Security Forum @ Manchester Grand Hyatt, San Diego, CA
HIMSS Privacy & Security Forum @ Manchester Grand Hyatt, San Diego, CA
Mar 5 – Mar 6 all-day
Join Chris Apgar, CISSP, CEO of Apgar & Assoc. as he moderates a panel on Medical Devices and BYOD (Bring Your Own Device) policy.  The HIMSS Privacy & Security Forum information is practical, solution-based and[...]

View Calendar

Subscribe To Our Newsletter  HERE


"Chris’ understanding of privacy and security rules and practical implementation has been invaluable to many clients."

Martin Edwards, MS, CHC, CHPS
Dell Healthcare & Life Sciences