Loading images...

Compliance Strategic Planning

OCR defines a robust compliance program as one that includes employee training, attentiveness to policies and procedures, regular internal audits, and prompt action plans for incident response. To develop and implement all the components correctly is a challenge to the best compliance officer and team. Apgar & Associates offers compliance strategic planning services to help you and your organization draw the road map that will drive you to compliance.

Our planning services help you to develop a strategy-focused compliance plan, specify time lines and identify task owners. Following a planning session—either in person or virtually—we prepare a compliance plan report that reviews key risk areas, and defines and prioritizes risk mitigation activities. We help you identify task owners as well as help you to set time lines for mitigation completion, review internal and external resource requirements and availability.

We also offer organizations professional privacy and security compliance officer services without the overhead that goes with maintaining a full staff of privacy and security experts as employees. You can tap into the privacy and security expertise of Apgar & Associates’ Chris Apgar, CISSP, or Julia Huddleston, CIPP/US, CIPM, on an as-needed basis, without a retainer.

Our Privacy Officer and Security Officer services help your organization reduce its risk and exposure to potential PHI violations or data breaches. We use preventive measures like risk analyses, audits, privacy program review and workforce training to assure your compliance with new laws and revisions. The services also help you meet HIPAA requirements for a formally designated Privacy and Security Officer.

Why you may need our Privacy & Security Officer Services

HIPAA Privacy Rule & Compliance

The HIPAA Privacy Rule requires that covered entities formally designate a Privacy Officer. The office holds responsibility for:

  • Oversight of the entity’s privacy program
  • Ensuring compliance with the use and disclosure provisions of the HIPAA Privacy Rule
  • Ensuring compliance with other applicable federal and state privacy laws

HIPAA Security Rule & Compliance

Under the HIPAA Security Rule, both covered entities and business associates must meet the requirement to appoint a Security Officer. The office holds responsibility for:

  • Maintaining compliance with the HIPAA Security Rule
  • Compliance with state security laws and contractual requirements
  • Maintaining and ensuring appropriate security practices
  • Managing compliance activity
  • Adhering to appropriate security practices

For more information about our compliance strategic planning, or privacy and security compliance officer services, contact us via email or at 503.384.2538.


"We hired Chris to help our company develop key compliance programs & policies, revolving around information security and HIPAA/HITECH. Chris and his team exceeded our expectations. He is very easy to work with and is inventive with his approach to solving problems."

Stephen Ambrose, CEO
ICEX Data Reporting

Mailing & Office Address

Apgar and Associates, LLC
P.O. Box 80278
Portland, OR 97280
p 503-384-2538
p 877-376-1981




7100 SW Hampton St.
Suite 137
Tigard, OR 97223