At Apgar & Associates, we provide expert privacy, information security, HIPAA, HITECH and regulatory compliance consulting services to health plans, physician group practices, clinics and hospitals and the vendors (business associates) that support them.

Our nationwide compliance clients range from Oregon Medical Association (OMA) members in our own backyard of Oregon, to a global healthcare technology company based in sunny Arizona, and a top-ranking hospital in the Alabama’s fast-growing medical hub. Our experience is that no matter where in the U.S. you’re based, compliance with HIPAA and HITECH are at the top of your mind.

Apgar & Associates particularly notes two key privacy and security program hot buttons we take care of for our clients:

Risk Assessments

The risk assessment is the cornerstone of your ability to comply with HIPAA privacy, security and data breach notification regulations. If you don’t know where your risk is, you can’t fix it. After the risk assessment, we take the findings and turn them into an implementable Risk Management Plan.

Incident Response Plans & Testing

Do you know who to call when you have a data breach and patient PHI is suddenly not-so-private? We design, test and implement your organization’s Incident Response Plan so you avoid being the OCR’s next poster child.

For a decade, Apgar & Associates privacy and security compliance consulting has supported covered entities and business associates in our home state of Oregon and nationwide. We stay on top of the latest and greatest HIPAA and HITECH nuances, track the laser focus of the OCR, CMS, ONC and the OIG, and build useful tools (like our Privacy & Security Policy & Procedure Manuals) for busy Compliance Officers.

Apgar & Associates creates practical privacy and security compliance consultative solutions. The laws are complex enough; our job is to help CxOs, practice managers, physicians, privacy and security officers, and entrepreneurial business associates meet and maintain compliance with HIPAA, HITECH and their associated codes and regulatory requirements in a straightforward manner with minimum hassle.

Contact Apgar & Associates for Privacy & Security Compliance services that include:

• Risk Assessments & Security Risk Analysis

• Incident Response Plans & Testing

• Mock OCR HIPAA Audits

• Privacy & Security Compliance Assessments, Audits and Solutions

• Outsourced Privacy & Security Compliance Officer

• Privacy & Security Gap Analysis & Mitigation Planning

• Privacy & Security Training

• Policy, Procedure and Process Evaluation, Development and Customization

Additionally, Chris Apgar, CISSP, CEO, is a frequent educator and panelist for OMA, HCCA and other industry-leading organizations. Chris is also available as an expert witness and columnist. For all of your privacy and security compliance consulting needs, call the HIPAA experts at Apgar & Associates: 503-384-2538.

Westlaw Round Table Group Expert Witnesses

Subscribe To Our Newsletter  HERE

Upcoming Events

11:00 am OMA Webinar: Security Incident Response – Spend a little now, save a lot later! @ OMA Webinar
OMA Webinar: Security Incident R… @ OMA Webinar
May 6 @ 11:00 am – 12:00 pm
Security incidents such as a virus infection impacting EHRs and breaches of unsecured PHI can be very expensive. Chris Apgar, CISSP and CEO & President [...]
11:00 am Mobile Devices: BYOD and Managing Your Risks @ APTA Private Practice Section Webinar
Mobile Devices: BYOD and Managin… @ APTA Private Practice Section Webinar
May 7 @ 11:00 am – 12:30 pm
One of the most significant risks to practices today is the proliferation of mobile devices used for patient care and business activities. Headlines abound about [...]

View Calendar


"We hired Chris to help our company develop key compliance programs & policies, revolving around information security and HIPAA/HITECH. Chris and his team exceeded our expectations. He is very easy to work with and is inventive with his approach to solving problems."

Stephen Ambrose, CEO
ICEX Data Reporting