Clinic Compliance Snapshot (48–72 hours)

Practical, evidence-backed checks for private practices and multi-site clinics. HIPAA/PHIPA mapping, insurer-friendly output.

Book a Snapshot Sample Snapshot (PDF)

Scope

PHI handling: intake, EHR access, audit trails, retention
Identity & access: staff roles, MFA for admins, break-glass
Vendor risk: BAAs for EHR, billing, backups
Network & endpoints: encryption at rest/in transit; patch cadence
Incident & DR: breach playbook, RTO/RPO, restore evidence

What you get in 48–72 hours

Findings mapped to HIPAA/PHIPA with risk ratings
7/30/90 day plan with owners and effort estimates
Evidence checklist for insurers and auditors
Executive one-pager for leadership

Quick pre-flight (optional)

Access

SSO for EHR
MFA for admins
Quarterly access reviews

Vendors

BAAs executed
Backup vendor coverage
Log retention ≥ 12m

Book a Snapshot