Business Associate Solution for HIPAA Obligations

The HIPAA Final Omnibus Rule imposed new privacy and security compliance obligations on Business Associates while also modifying the definition of “Business Associate” - increasing the mandates and risks for these organizations. Business Associates (and their agents and subcontractors) are responsible for safeguarding the privacy and security of patient PHI - no Business Associate can avoid these HIPAA obligations. With limited staff and budget, Business Associates are challenged to:

  • Conduct a mandatory security risk analysis
  • Create relevant policies and procedures
  • Train their staff on HIPAA privacy and security

Meanwhile, more federal and state regulations have been passed with that continually increase the penalties for violations. As a result, many Business Associates are one breach or audit away from substantial risk to their business.

CompliancePro Solutions™ offers a wide range of products and services for Business Associates. Just as no two Business Associates are alike, CompliancePro Solutions has multiple ways to develop full solutions sets for our Business Associate customers. Some Business Associates process patient requests and manage more Covered Entity patient data, others do not. CompliancePro Solutions™ has a robust Library of HIPAA content that is useful for all types of Business Associates. We also offer our HIPAA investigation and operational works flow products to those Business Associates that might need them internally or wish to resell them to Covered Entities.

A CompliancePro Library Subscription provides Business Associates with the tools needed to help meet these compliance obligations including a mandatory Meaningful Use Security Risk Analysis, extensive HIPAA privacy and security compliant policy / form templates and training of their staff on the requirements for HIPAA privacy and security compliance. Our Library also includes Best Practices and Source documents of all the federal HIPAA and many State statues, rules and regulations, which we keep up to date as the privacy and security regulations evolve and change.


Our Business Associates’ Solutions Compliance Program will help you protect patient privacy and operate in accordance with current and upcoming regulations including:

  • HIPAA Privacy and Security Rules (45 C.F.R. Parts 160 and 164, Subparts A, C, and E)
  • Subtitle D of the HITECH Act
  • Recent updates in the “Omnibus Final Rule” which became effective March 26, 2013

We will give you the guidance and support you need, without having to become an expert in privacy laws and regulations or employ dedicated privacy and security staff. By employing our privacy and security products and services you will reduce your liabilities and improve staff efficiency and accuracy as they manage your increasingly complex privacy and security compliance obligations, while keeping budgets in control.


CompliancePro™ Library Subscription:

  • Security Risk Analysis - analyze your organization for vulnerabilities per HIPAA guidelines with our web-based Assessments app. This also meets a key Meaningful Use requirement.
  • Privacy Risk Analysis - perform a similar analysis of privacy vulnerabilities based on industry best practices
  • Privacy and Security Policy Templates - start with our templates to easily create HIPAA compliant policy and procedure documents for your organization
  • HIPAA Training Materials - utilize training materials to educate yourself and your workforce. A Library license includes training for up to 10 users.
  • Source Documents of all the federal HIPAA rules (and a growing list of state specific rules)

Full CompliancePro™ Subscription:

Larger Business Associate organizations may also want to purchase the full version of CompliancePro™ to take advantage of automated disclosure tracking and management of other HIPAA requests.


  • An initial “onboarding” training webinar to acquaint users with our tools and address initial questions.
  • Assistance in using our assessments, policy document templates, and other tools
  • Expert consulting on a wide spectrum of HIPAA subjects including Privacy and Security Risk Analysis.
  • Ongoing updates to the CompliancePro™ Library based on new regulations and best practices.


  • CompliancePro™ is a cloud-based solution that requires no IT resources
  • Our Security and Privacy Risk Assessment Tools are Excel-based and can be configured based on the type of healthcare entity (inpatient, physician office, business associate, etc.)
  • Our Policy Manuals are Word-based and utilize Word fields to make global customizations.
  • Our Workforce Training Materials are delivered through a web-based Learning Management System
  • All customer data is encrypted per HIPAA guidelines
  • CompliancePro™ is hosted in a SAS 70 / SSAE16 compliant data center

Schedule a Demo of CompliancePro™