Loading images...

HIPAA Privacy & Security Compliance

At Apgar & Associates, we provide expert HIPAA privacy, information security, HITECH and regulatory compliance consulting services to health plans, physician group practices, clinics and hospitals and the vendors (business associates) that support them.

Our nationwide compliance clients range from Oregon Medical Association (OMA) members in our own backyard of Oregon, to a global healthcare technology company based in sunny Arizona, and a top-ranking hospital in the Alabama’s fast-growing medical hub. Our experience is that no matter where in the U.S. you’re based, HIPAA and HITECH compliance are at the top of your mind.

Apgar & Associates particularly notes two key privacy and security program hot buttons we take care of for our clients:

Risk Assessments

The risk assessment is the cornerstone of your ability to comply with HIPAA privacy, security and data breach notification regulations. If you don’t know where your risk is, you can’t fix it. After the risk assessment, we take the findings and turn them into an implementable Risk Management Plan.

Incident Response Plans & Testing

Do you know who to call when you have a data breach and patient PHI is suddenly not-so-private? We design, test and implement your organization’s Incident Response Plan so you avoid being the OCR’s next poster child.

For a decade, Apgar & Associates HIPAA privacy & security compliance consulting has supported covered entities and business associates in our home state of Oregon and nationwide. We stay on top of the latest and greatest HIPAA and HITECH nuances, track the laser focus of the OCR, CMS, ONC and the OIG, and build useful tools (like our Privacy & Security Policy & Procedure Manuals) for busy Compliance Officers.

Apgar & Associates creates practical HIPAA privacy and security compliance consultative solutions. The laws are complex enough; our job is to help CxOs, practice managers, physicians, privacy and security officers, and entrepreneurial business associates meet and maintain compliance with HIPAA, HITECH and their associated codes and regulatory requirements in a straightforward manner with minimum hassle.

Contact Apgar & Associates for HIPAA Privacy & Security Compliance services that include:

  • Risk Assessments & Security Risk Analysis
  • Incident Response Plans & Testing
  • Mock OCR HIPAA Audits
  • Privacy & Security Compliance Assessments, Audits and Solutions
  • Outsourced Privacy & Security Compliance Officer
  • Privacy & Security Gap Analysis & Mitigation Planning
  • Privacy & Security Training
  • Policy, Procedure and Process Evaluation, Development and Customization

hipaa privacy & security complianceAdditionally, Chris Apgar, CISSP, CEO, is a frequent educator and panelist for OMA, HCCA and other industry-leading organizations. Chris is also available as an expert witness and columnist. For all of your privacy and security compliance consulting needs, call the HIPAA experts at Apgar & Associates: 503-384-2538.


Westlaw Round Table Group Expert Witnesses



Mailing Address

Apgar and Associates, LLC
P.O. Box 80278
Portland, OR 97280
p 503-384-2538
p 877-376-1981



7100 SW Hampton St.
Suite 137
Tigard, OR 97233

Upcoming Events
10:00 am OMA Webinar: Compliance – From R... @ OMA Webinar
OMA Webinar: Compliance – From R... @ OMA Webinar
Mar 31 @ 10:00 am – 11:00 am
Join Chris Apgar, CISSP and Mark Bonanno, JD, MPH at this OMA Webinar to learn the building blocks to assist in building a strong and broad compliance program to reduce risk and compliance headaches. Suitable[...]
10:00 am OMA Webinar: A Practical Guide t... @ OMA Webinar
OMA Webinar: A Practical Guide t... @ OMA Webinar
Apr 7 @ 10:00 am – 11:00 am
Clear out the clutter about using encryption to protect PHI from data breach. In this OMA Webinar led by Chris Apgar, CISSP, you’ll learn about options for protecting PHI data at rest, what steps to[...]
10:00 am OMA Webinar: Vendors & PHI – Kno... @ OMA Webinar
OMA Webinar: Vendors & PHI – Kno... @ OMA Webinar
Apr 14 @ 10:00 am – 11:00 am
In this OMA Webinar, Chris Apgar, CISSP will share easy to use tools to manage Business Associate relationships, from asking the right questions to addressing the need to demonstrate due diligence. Overview of health information[...]

View Calendar

Subscribe To Our Newsletter  HERE


"We hired Chris to help our company develop key compliance programs & policies, revolving around information security and HIPAA/HITECH. Chris and his team exceeded our expectations. He is very easy to work with and is inventive with his approach to solving problems."

Stephen Ambrose, CEO
ICEX Data Reporting