

Healthcare


For All Healthcare Providers and Payers

  • Strategic planning for functioning effectively in an emerging E-Health environment
    • How to integrate EHRs, e-prescribing, RHIOs, and other HIT initiatives within legacy infrastructures
    • How to align and manage major health information systems acquisitions, implementations, and operations consistent with executive and stakeholder requirements and expectations of improved patient safety, streamlined workflows, and regulatory compliance
  • Practical approaches to meeting security and privacy requirements of HIPAA, HITECH Act, 21 CFR Part 11, 42 CFR Part 2, and other regulatory standards
    • Document analysis: policies, procedures, retention
    • Independent validation and verification of existing risk assessments and risk management plans; performing new risk profiles and go-forth strategies
    • Advice related to international and state-specific privacy and security regulatory drivers and impacts
    • Reviewing specific technical product families for security/privacy compliance and impact
    • Providing expert testimony in civil and criminal proceedings
    • Providing oversight and guidance to information security projects/initiatives

For Academic Medical Centers

  • Providing a host of support services focused on regulatory compliance for HIPAA, FERPA, and the Common Rule
    • Evaluating organizational regulatory compliance across multiple information-centric statutory requirements
    • Board, executive, managerial, and staff-level compliance training as well as focused IT security and privacy training
    • Coaching new Information Security Officer(s) who have limited AMC experience and/or limited information security experience; vetting candidates for ISO/CPO positions
    • Comparative analysis of information security levels with peer institutions
    • In-depth analysis and, if necessary, recommendations for remediation of existing or planned operational security programs
    • Advice on specific areas of administrative and technological concerns; e.g., single sign-on, secure email, business continuity, incident response, etc.
  • Performing initial risk assessments and developing risk management plans and updates to existing risk assessments and risk management plans
  • Detailed privacy and security policy and procedure analysis

For Businesses that Provide Information Services to Healthcare clients

  • Review or development of security policies and procedures for HIPAA Business Associates
  • Performing risk assessments and developing risk management plans for working with healthcare clients

For Employers with HIPAA-Covered Health Plans 

  • Review or development of security policies and procedures
  • Performing risk assessments and developing risk management plans


Financial Services

Gramm-Leach-Bliley Act (GLBA)

  • Evaluation of Privacy Rule and Security Rule categories compliance


Corporate Compliance (Publicly-Traded Companies)

Sarbanes-Oxley Act (SOX)

  • High-level assessment of Section 404 requirements compliance

Seminars, General and Focused Training

  • In all of the above industry areas and the listed subject matter





To learn more about our services, please contact us at (410) 750-2497 or email us at info@johnparmigiani.com.