Compliance & Security

Auditing Solutions

Logo for FairWarning

FairWarning’s mission is to lead the industry expansion of trust in Electronic Health Records empowering care providers to grow their reputation for protecting confidentiality, scale their digital health initiatives and comply with complex Federal and state privacy laws such as HIPAA. By partnering with FairWarning®, care providers are able to direct their focus on delivering the best patient outcomes possible while receiving expert, sustainable and affordable privacy and compliance solutions. Customers consider FairWarning® privacy auditing solutions essential for compliance with healthcare privacy regulations such as ARRA HITECH privacy and meaningful use criteria, HIPAA, UK and EU Data Protection, California SB 541 and AB 211, Texas HB 300, and Canadian provincial healthcare privacy law.

For more information on FairWarning® visit or email

Logo for SPHER

SPHER™ protects patient PHI. SPHER leverages pattern recognition to determine if any suspicious behavior occurs within the EHR. SPHER represents a front-line defense against the threat of PHI violations resulting from unauthorized access. Required under HIPAA, and cyber-insurance qualifications, every compliance strategy should include User Activity Monitoring.

SPHER leverages artificial intelligence to automate the monitoring processes of eClinicalWorks EHR activity. SPHER analyzes the audit logs for any suspicious behavior, then alerts and defines the details surrounding the event, presenting a comprehensive step-by-step incident resolution process. SPHER stores this data for up to 7 years enabling healthcare groups the ability to demonstrate adherence to Security Standards during a CMR/OCR compliance audit.

To learn more about how SPHER™ protects both patient PHI and healthcare providers, visit

Security Risk Assessment

Logo for CompliancyGroup

Compliancy Group allows anyone to simplify the challenge of compliance, whether they are an experienced compliance expert or a small medical practitioner.

The Compliancy Group has teamed up with eClinicalWorks to offer a complete compliance-tracking solution including risk assessments for Meaningful Use, along with built in policy & procedure templates and HIPAA training programs to satisfy all of the HIPAA, HITECH, Omnibus, and PCI requirements.

The Guard, a simple, cost-effective, web-based solution, can help any organization regulate every aspect of HIPAA compliance. Use our Achieve, Illustrate, and Maintain methodology and Compliance Coach support to address the entire set of requirements in one simple to use solution.

For more information visit or contact us at 855-854-4722 (855 85 HIPAA) to learn how simple compliance can be.

Logo for ecfirst

ecfirst, established in 1999, is focused on the areas of compliance and cybersecurity. With thousands of clients across all 50 states and five continents, ecfirst delivers tailored cybersecurity consulting and certification training services. Specialized services include HITRUST certification, NIST, HIPAA, CMMC assessments, vulnerability assessment, pen tests, on-demand consulting, managed compliance, and managed cybersecurity. ecfirst introduced the industry’s first credential for HIPAA training and certification, the Certified HIPAA Professional (CHP) program. ecfirst also created the world’s first program on compliance and cybersecurity – Certified Security Compliance Specialist™ (CSCSTM) – and also launched the Certified Cyber Security ArchitectSM (CCSASM) program. ecfirst is a HITRUST Authorized External Assessor and a HIMSS Authorized Education Partner.

For more information, visit, or email


HIPAA requires all healthcare providers and their Business Associates to protect the privacy & security of Protected Health Information (PHI). The HIPAA Security Rule requires practices to perform various information security tasks in order to achieve and maintain compliance.GSG Compliance’s Risk Assessment leaves nothing to chance.

Our process:
With one of the most qualified groups of compliance experts leading the way, your practice will be lead through
our process of questions and answers, sources of information and the tools to put your practice in the best defendable position. Unlike most of the options in the market today, our compliance consultants will work closely with you to complete the Security Risk Assessment as a partner on your team. You will NOT be left to enter information onto a website with hopes you answered in the best possible way. Your answers will be carefully thought out, and designed to complement and integrate with your practice’s Information Security Policies.

GSG’s Security Risk Assessment will satisfy both HIPAA and Meaningful Use requirements. You will have the confidence that you will be prepared for a possible audit or breach, and meet the attestation security risk assessment requirements. With the private practice in mind, we have scaled our solution to be cost effective and efficient.
For more information, and to learn more about how you can put your medical practice in the best defendable position, please check out our website at or call 877-270-8306.

Logo for FairWarning

Med Tech USA, LLC the HIPAA compliance specialty company singularly focused on private practice physicians.  As the leader in private practice HIPAA compliance, Med Tech USA, LLC has a solid understanding of the unique situation private practice physicians find themselves in as they move their practice to the electronic health records world.  From basic HIPAA compliant policies to HIPAA training for staff and physicians to Meaningful Use risk assessments, Med Tech USA, LLC is here to be an advocate for the private practice physician.

Learn more at