HIPAA Security Module


Complete Policies and Procedures Package - Security

It is not enough simply to know and follow the security rules and regulations of the Health Insurance Portability and Accountability Act. A simple text message about a patient or someone with protected information can be a violation. Security compliance is mandated separately from privacy. Not only must information be kept private, it must be kept securely and protected from breach. The HIPAA Security Mandates cannot be waived. And you must prove compliance to auditors.

Note that healthcare professionals are no longer alone: Business Associates not accustomed to these heightened security requirements are at high risk.

Get the EPICompliance HIPAA Security Module by Signing Up now for our Complete Compliance Suite.


The HIPAA Security Module provides:

  • Policies: Continuously updated library of policies in order to meet the ongoing requirements and evolution of the regulatory environment.
  • Forms: Standardized forms for implementation of policies and, most importantly, training and recognition of policy awareness. It is not enough to have policies available – personnel must be educated and tested and these policies must be used – you must be able to prove the policies are followed.
  • Documents: A cloud-based document management repository provides secure storage and access for Policies, Forms and uploaded related/supporting documents.
  • Training: HIPAA and compliance officer certification through our education system – convenient online courses with verifiable testing and completion certificates.

Who Needs EPICompliance


All DIRECT health care providers and facilities need a provable compliance program:

  • Doctors and their offices; Physical Therapists; Occupational Therapists; Nurse Practitioners; Physician Assistants; Psychologists; Dentists; Oral Surgeons; Speech Therapists; Chiropractors; Home Health Providers...
  • Hospitals; Clinics; Surgery Centers; Imaging Centers; Pharmacies; Urgent Care Centers; Skilled Nursing Facilities; Nursing Homes...

All health care ASSOCIATED businesses and individuals need provable compliance:

  • Health care service and related industries that come in contact with health care information: Medical Billing Specialists; Plaintiffs' and Defense Attorneys; Estate Attorneys; Electronic Medical Record Companies; Practice Management Software Companies; Practice Management Consultants; Medical and DME Suppliers...
  • "Business Associates" - Any person or business that works with direct health care providers but does not come in contact with medical records: Biomedical Waste Companies; Information Technology Contractors; Janitorial Providers...
  • All these businesses are obligated to comply with HIPAA and OSHA standards at the very least…
  • Please note: HIPAA compliance sanctions now extend to decision-making employees such as Office Managers. An unsuspecting Office Manager is now personally liable for the $50,000 per incident fines.