ComplyAssistant

Logo of ComplyAssistant, a HASC Endorsed Business Partner offering governance, risk and compliance solutions

Overview

ComplyAssistant is a trusted partner with extensive security and compliance expertise, dedicated to empowering health care organizations with cutting-edge GRC (governance, risk and compliance) software and cybersecurity services.

Our tailored solutions cater to hospitals of all sizes, including rural and critical access facilities. Designed to streamline and organize intricate security and compliance processes, our software and companion cybersecurity services aim to fortify hospitals, ensuring safety and efficiency.

In today’s digital landscape, implementing a robust cybersecurity program is not just a choice; it’s a necessity. This step is imperative in ensuring your hospital’s sustained success and existence. Patient care and safety are intricately linked to cybersecurity in our digitally driven world.

Benefits

Though HIPAA requires health care organizations to designate a security official responsible for managing security policies and procedures, most need help to handle the work necessary to protect their organization.

Our vCISO Program can be tailored to any size or scope for any health care organization. We’ll act as an extension of your team, providing a wide variety of services. You choose the services you need, and we’ll handle the rest.

We can fill your resource gaps with our vCISO offerings!

Information Privacy and Cybersecurity Audits:

  • HIPAA Privacy, Security, and Breach Notification Rule Audits
  • Health Industry Cybersecurity Practices (HICP) Audits SAFER Guides Audits NIST CSF Audits
  • HITRUST Audits
  • SOC 2 Audits
  • NIST AI RMF V1
  • Additional Framework Audits Upon Request

Patient Privacy Applications:  

  • Patient Privacy Monitoring
  • Online WebTracking Technology

Artificial Intelligence (AI):

  • Education for Leadership and the Board
  • Enterprise Strategy and Guidance (Governance, etc.)

Interim CISO – option for blocks of time

Third-Party Vendor (BA) Risk Management (BAs cause over 60% of cyberattacks)

Disaster Recovery / Business Continuity (DRBC):

  • Planning and tabletop exercises for potential extended downtime

Policy and Procedure Creation, Review and/or Updates:

  • HIPAA Privacy, Security, and Breach Notification
  • Cybersecurity
  • Additional upon request

Technical Testing:

  • Internal Vulnerability and External Penetration Testing
  • Managed Detection and Response for Breach Prevention

Monthly Status Calls and additional Governance and Oversight Activities

Links/Resources

Podcasts

  1. Effective HIPAA Programs for Physician Organizations: https://www.buzzsprout.com/1837787/14020770
  2. Managing Threats and Protecting Patients – HICP: https://infob4u.podbean.com/e/customer-story-series-comply-assistant-hicp/
  3. AI Legal and Compliance Challenges: https://infob4u.podbean.com/e/ai-legal-compliance-challenges/
  4. AI Challenges, Security, Acquisition, Education and Policy: https://infob4u.podbean.com/e/ai-challenges-security-acquisition-education-policy/
  5. Compliance in Today’s World of Risk: https://infob4u.podbean.com/e/compliance-in-today-s-world-of-risk/

Contacts

Gerry Blass
President and CEO
ComplyAssistant
(800) 609-3414, ext. 700
[email protected]

Rafael De La Rosa
Senior Director, Public Policy and Strategic Partnerships
[email protected]