FAQs

Any person or business in the U.S. and its territories that is considered a Covered Entity or Business Associate likely needs EPICompliance.

All direct health care providers, healthcare-related businesses and facilities (Covered Entities) need provable HIPAA, OSHA and ACA/OIG compliance programs. Businesses that provide healthcare services, and even businesses in related industries, that come in contact with health care information and deal with Covered Entities also need compliance. These businesses are called Business Associates.

  • Doctors, Nurses, Surgeons
  • PTs, OTs, NPs, PAs
  • Hospitals, Clinics, Nursing Facilities
  • Health Plans and Insurance Companies
  • Practice Management Consultants
  • CPAs and Attorneys
  • Data Management and Analyst Firms

We understand that choosing a HIPAA compliance solution can be a big decision for your organization, and we want you to feel confident in your choice. That's why we offer a 30-day money-back guarantee on all of our products and services. If for any reason you are not completely satisfied with your purchase, simply let us know within 30 days of your purchase, and we will refund your money in full.

Our goal is to provide you with the best possible experience and help you achieve compliance with the HIPAA Privacy, HIPAA Security, ACA OIG – Medicare, and OSHA for Healthcare federal mandates. We stand behind our products and services and are committed to your satisfaction. With our 30-day money-back guarantee, you can try our solutions with confidence, knowing that if they are not the right fit for your organization, you can receive a full refund.

Here at EPICompliance, we recognize that sometimes circumstances change, and you may need to cancel your subscription or service with us. Our cancellation policy is designed to be as flexible and straightforward as possible, while also ensuring that we can continue to provide the highest level of service to all of our customers.

If you need to cancel your subscription or service, simply contact our customer support team by phone or email. We will work with you to understand the reason for your cancellation and help you find the best solution for your needs. Depending on the circumstances, we may offer a prorated refund for any unused portion of your subscription or service.

We value your business and want to make the cancellation process as smooth and easy as possible. If you have any questions or concerns about our cancellation policy, please don't hesitate to contact us.

When you're ready to start the on-boarding process, simply select a convenient time slot on our on-boarding calendar. You can choose the appointment based on your availability, and our team will be happy to help you through every step of the process.

During the appointment, our team will provide you with a detailed overview of our on-boarding process and help answer any questions you may have. We understand that every business is unique, which is why we offer a customized approach to on-boarding. Our team will work closely with you to ensure that your needs are met and that the process is as smooth as possible.

If you have any questions about the on-boarding process or need assistance selecting an appointment, please don't hesitate to reach out to our customer support team. We're here to help you every step of the way.

Our Compliance Assistant is a dedicated team member who will work with your organization remotely to provide guidance, support, and assistance throughout your compliance journey. This person will be your main point of contact, and you can rely on them to answer any questions you may have, and help you navigate the complexities of HIPAA compliance.

With our Compliance Assistant program, you don't have to worry about navigating the compliance process alone. Our team member will work with you every step of the way to ensure that you are on the right track towards achieving compliance and maintaining it in the future. Whether you're just starting out or you're a seasoned healthcare professional, our Compliance Assistant is here to help.

We understand that healthcare organizations need to manage their budgets carefully. That's why we offer a flat monthly fee for our Compliance Assistant services. You won't have to worry about any hourly charges or unexpected fees. We believe in transparent and predictable pricing, so you can easily plan your budget and focus on your core business operations. Our Compliance Assistants are available to help you with a variety of tasks related to HIPAA Privacy, HIPAA Security, ACA OIG – Medicare, and OSHA for Healthcare compliance. With our affordable and reliable services, you can have peace of mind knowing that you have a dedicated partner in managing your compliance requirements.

If you're an organization in need of more than 50 Users and/or Licenses, we have Enterprise Solutions available to meet your needs. Our team can work with you to determine the best package and pricing to fit your organization's unique compliance requirements.

With our Enterprise Solutions, you'll still receive the same level of personalized support and guidance from our compliance experts. We'll work with you every step of the way to ensure that your organization is fully compliant with HIPAA Privacy, HIPAA Security, ACA OIG – Medicare, and OSHA for Healthcare regulations.

Contact us today to learn more about our enterprise solutions and how we can help your organization achieve compliance.

Yes, we offer comprehensive training programs to help our clients understand federally mandated compliance regulations and comply with them. We understand that compliance can be overwhelming and that's why we offer online training programs to help you stay up-to-date with HIPAA Privacy, HIPAA Security, ACA/OIG – Medicare (Waste Fraud and Abuse), and OSHA for Healthcare with Bloodborne Pathogens.

These training programs are designed to help you and your organization understand and implement the necessary regulations and best practices.

Our online training programs are accessible 24/7, so you can complete them at your own pace and at a time that works best for you. Each training module includes tests to ensure that you have understood the content. You can also track your progress and completion status, making it easy to meet your compliance requirements.

These training programs are a valuable investment in the safety and security of your organization. We're committed to helping you and your team stay informed and compliant.

Sign up today to get started!

The EPICompliance Audit Defense is a service offered to organizations that have undergone an audit or investigation by a regulatory body, such as the Office for Civil Rights (OCR) or the Department of Health and Human Services (HHS). Our Audit Defense service provides expert guidance and support to help organizations navigate the audit process and ensure compliance with relevant regulations. Our team of compliance experts will work with your organization to assess any identified issues or concerns and develop a plan of action to address them. This service is designed to provide peace of mind and reduce the risk of financial penalties and other negative consequences that can result from non-compliance.

Any person or business in the United States or its territories that is a Covered Entity or Business Associate is required to have a HIPAA compliance program.

Covered Entities are generally all direct healthcare providers (for example: doctors; physical therapists; occupational therapists; nurse practitioners; physician assistants; psychologists; dentists; oral surgeons; speech therapists; and chiropractors), healthcare facilities (for example: hospitals; clinics; nursing homes; surgery centers; imaging centers; pharmacies; urgent care centers; skilled nursing facilities; and rehabilitation centers) and health insurance related businesses (for example: health plans and healthcare clearinghouses: health insurance companies; health maintenance organizations (HMOs); company health plans; and government healthcare programs - Medicare, Medicaid, Military and Veterans Administration).

Business Associates are healthcare service and related businesses that come in contact with protected healthcare information during the course of their business and in dealing with Covered Entities (for example: practice management companies and consultants; medical billing services; benefits management companies; transcriptionists; attorneys; accountants, bookkeepers and certified public accountants (CPAs); data management firms; data analysts; accreditation services; financial services providers; electronic health record (EHR) providers; practice management software companies; medical and durable medical equipment (DME) suppliers; server farms; and data storage facilities).

There must be a signed Business Associate Agreement (BAA) between a Covered Entity and a Business Associate.

If you are a Business Associate (as defined by the Omnibus Rule), and a Covered Entity that you do business with has sent your organization a BAA, you, as an authorized representative of your company, must sign the BAA.

In the same manner, if a Business Associate initiated a BAA with the Covered Entity, then the latter must sign the BAA.

Signing a Business Associate Agreement is only the first step in what you have to do. Under the Omnibus Rule, a Covered Entity must obtain assurances that a Business Associate, and any of its subcontractors that have access to the Protected Health Information (PHI), is meeting the requirements of HIPAA.

In other words, the signed BAA serves as a guarantee that the Business Associate will appropriately safeguard PHI. The BAA also serves to clarify and limit the permissible uses and disclosures of PHI by the Business Associate.

The law requires a Business Associate Agreement.

In most cases, the lack of a Business Associate Agreement is the first indication that your IT company may be overstating their capabilities and services.

We recommend a simple test to see if they are in fact in compliance with HIPAA - have them complete our Business Associate Attestation Form _HIPAA Security_.pdf (located in EPICompliance Customer Console > Forms and Policies > HIPAA Security > PDF Forms).

This form will provide you the necessary assurances to recognize if they are following HIPAA regulations.

If this cannot be done, we recommend the following:

  1. Sign a HIPAA compliant agreement, or
  2. Cancel the contract and look for another subcontractor.

Regardless of the decision, EPICompliance is here to support and assist you.