Apgar & Associates' consulting expertise supports clients in privacy, information security, HIPAA, HITECH and regulatory compliance, plus preps organizations for the process of HITRUST, SOC2 and ISO Certification.



Do your clients want you to be HITRUST, SOC 2 OR ISO certified?  Our certification prep gets you through the What + How of evidence collection and explicit requirements for each.  Financial, healthcare provider, or technology business partner—you’ll be poised for certification success.



How solid is your security incident response plan?  Is your incident response team trained?  With our help, you’ll know who needs to do what, when, for every security incident.  You’ll also comply with the ISO 27001 and the HIPAA Security Rule requirement for incident response.



Policies & Procedures make you look good when tight and right.
Feel confident in your documentation? Able to point to how an employee can uphold your company’s privacy and security program? Talk to us about how to assure your documentation is up to date and supports compliance.

Think of the Security Risk Analysis as your internal due diligence. LEARN MORE>>


How strong is your information security program?

No matter what industry – healthcare, financial or technology – a regularly scheduled, top-to-bottom security risk analysis is essential to a healthy information security program. Streamline ISO and HIPAA compliance efforts, plus know where and how to close security gaps.

Think of it as due diligence. Even mitigated security risks can become vulnerabilities again. Technology evolves constantly. Employees come and go. Devices get lost or stolen.

It’s show and tell time. Let your customers and partners know that you take data security and regulatory compliance seriously. Schedule your security risk analysis today. >>


How well does your compliance program measure up?

OCR recommends 5 features in every compliance program. We’ll help you put all of the right components and action plan into play. Tackle risk mitigation + risk management? Training materials + delivery? Plans + audits? You’ll be set. Need a privacy and security compliance officer?
Yes, we can help you there, too.

Let’s draw the road map that helps you drive compliance.