For Primary Care & Family Medicine
An independent, plain-English read on where your practice stands — across every system that touches patient data.
The Problem
Is your EHR (athenahealth, eClinicalWorks, NextGen, etc.) configured with proper access controls and audit logging?
Do you have signed BAAs with your labs, imaging centers, billing service, and patient-portal vendor?
Would your front-desk practices — sign-in sheets, phone messages, fax transmissions — hold up under an OCR review?
Why It Matters
Primary care practices handle a constant flow of PHI — referrals, lab results, prescriptions, patient portal messages — often across several disconnected systems and vendors. Most breaches and OCR findings don't come from dramatic hacks; they come from ordinary daily habits that were never reviewed: an unencrypted fax line, a shared login, a vendor without a BAA on file. A documented Security Risk Analysis is required regardless of practice size, and it's the clearest way to find these gaps before an auditor or a breach does. I give you an independent, plain-English read on exactly where your practice stands.
How I Help
Security Risk Analysis, Compliance Gap Assessment, Audit-Readiness Review, and Annual Re-Assessment — I assess and advise; your team or IT provider handles the fixes.
Book a free 15-minute HIPAA Readiness Check — no pressure, no jargon.
Call or text (480) 318-2710