HIPAA / HITECH Compliance is Essential to Your Organization

DAB Consulting provides your healthcare organization with a full range of services to meet all HIPAA & HITECH rules and regulations.

We work with your organization to bring you up to code under current regulations and to prepare for future policy changes. Our services include auditing the electronic and physical footprint of your organization’s practices in working with personal health information (PHI) and providing a robust solution based on our findings to meet compliance requirements.


The Health Insurance Portability and Accountability Act (HIPAA) of 1996 was enacted by Congress to improve health care in the United States by mandating standards-based security controls for the creation, storage, or transmission of electronic patient health information.

The Health Information Technology for Economic and Clinical Health Act (HITECH) was part of the American Recovery and Reinvestment Act of 2009 that was enacted by Congress and calls for the meaningful use of electronic healthcare records (EHR) and the protection and privacy of these records by increasing the original scope set out by HIPAA. This act increases the potential legal liability and penalties of both the organization and business associates due to willful neglect.


This is the maximum amount your organization can be penalized each year for violations through willful neglect that were not corrected.


DAB Consulting provides a wide range of services to help your organization achieve and maintain HIPAA / HITECH compliance. We work with your organization using the following methodology:

Initial Meeting

Our consultants visit your organization to get a better understanding of where we can help you protect your electronic patient health information.

Audit of Electronic and Physical Environment

The audit consists of our consultants inspecting your physical location(s) and technology infrastructure, including EHR & PM systems, to determine if there are any deficiencies.

Review of Internal Documentation

We assess the documentation you keep as guidelines for the protection of patient health information, including business associate agreements, acceptable use policies, & GAAP policies.

Post-Review Meeting

We meet with your designated staff to go over our findings and provide recommendations, if necessary, on what needs to be done in order to meet compliance requirements.

Implementation of Recommendations

We implement the recommendations that allow you to meet compliance requirements. Examples could include an overhaul of electronic security, creating new software policies, creating new documentation covering security standards for both employees and business associates, training employees on how to protect patient health data, and various other measures to reduce exposure and security risks.

Random Checks for Compliance

Once we have completed all implementations, there will be random security checks to make sure that you are maintaining compliance, and these reports will be provided to the staff that your organization designates to receive them.