Case Study 4: Start-up Healthcare Market Research Firm

This small start-up healthcare marketing research company called because their clients, large hospitals and healthcare delivery systems, asked that they demonstrate compliance efforts before sharing patient data. The firm engaged us to help strengthen their compliance program and prove the ability to satisfy contractual client service level requirements.

After a compliance assessment and a security risk analysis, we worked with the healthcare marketing client to close identified gaps and implement more stringent policies and procedures for their compliance program.

Business associate agreement reviews provided key privacy and security goals beyond standard HIPAA regulations. With those as a mandate, the firm realized that the ability to move forward with growing the business was highly dependent on being able to show they were firmly on the compliance path.

Apgar & Associates has an ongoing relationship with the firm, conducting regular security risk analyses, business associate agreement reviews and to answer the tough privacy and security questions. At a time when the Privacy & Security Compliance Officer position opened, the CEO and other senior leadership engaged Chris Apgar, CISSP, CCISO to step in as the interim CCO.

The healthcare marketing research firm has embraced a culture of compliance, recognizing compliance is an ongoing practice, not simply a static state. Their compliance program continues to show this.

Apgar & Associates enjoys an ongoing relationship with the health technology client, working with them on privacy and security action plans and objectives, such as fulfilling security risk assessment documentation from their healthcare clients.

For help with your compliance program or certification readiness, contact Apgar & Associates today.

To find out how we can get you through a data breach, audit, and more call (503) 384-2538 or email us: