Thorough. Protected. Compliance.

TR-Product-Assurance-LargeThird Rock Assurance™ is a comprehensive solution that makes managing HIPAA compliance easy by streamlining and automating the process, reducing the workload while delivering full compliance audit reporting.  Powered by CompassDB™, our cloud based application that enables easy and swift navigation of your practice’s HIPAA compliance while maintaining the "Body of Evidence".

Learn more about CompassDB™ 

Benefits of Third Rock Assurance:

  • Reduces your practices liabilities including breaches, remediation costs, lawsuits, and OCR fines.
  • Improves your HIPAA privacy & security compliance.
  • Dramatically reduces your HIPAA burden. On average over 70%.
  • Simplifies and highly automates building and maintaining HIPAA records or the Body of Evidence that confirms your HIPAA compliance.
  • Improves your ability to get cyber breach insurance and reduce the premiums

Contact us if you have HIPAA related questions or concerns, or you would like a free, no obligations quote.

Still not convinced?  Then check out this...

“There are now only two types of companies left in the United States: those that have been hacked and those that don’t know they’ve been hacked.“ -Robert Mueller III, Director of the FBI

  • Lawsuits resulting from stolen patient data
  • Costly breach remedies
  • Expensive audit fines
  • Negative social media

Breach Target

Healthcare Security Breach Statistics

  • 32 million individual’s PHI has been exposed
  • For 2014: 49% of all breaches in healthcare industry
  • 19% of healthcare orgs breached past 12 months
  • Avg cost per breach - $807,571
  • Rate of Increase per year – 26%

Provider HIPAA/HITECH Fines

OCR levied over $10 million in fines in past 12 months!

  • $4,800,000: New York Presbyterian Hospital
  • $150,000: Adult & Pediatric Dermatology, P.C.
  • $1,725,000: Massachusetts Eye and Ear Infirmary

Risk Assessment
  • Complete risk assessment (privacy and security) with HHSC/NIST based survey
  • Performed by professional HIPAA experts onsite or remotely
  • Provides audit by 3rd Party
  • Tests HIPAA compliance and vulnerabilities on your computers. (PCI compliance test is optional.)
  • Online Workflow & Risk Management Tool CompassDB™ improves logging, simplifies process and saves 75% of time.
  • Results are recorded in CompassDB™ and used for subsequent assessment to further reduce time and cost.
  • Remediation list generated with clear instructions how to correct deficiency and recorded.
  • Includes HIPAA schedule/calendar to keep you current & compliant
  • Assessment Report generated from results.
  • Compliance Report generated on-demand to show improvement from remediation.
  • An enterprise solution approach priced for small practices and business associates.
DiY Risk Assessment
  • Complete risk assessment with HHSC/NIST based survey
  • Step-by-step guide to help you perform the assessment
  • Built-in remediation and reminders to help you finish the assessment and remediation.
  • Assessment Report generated from results.
  • Compliance Report generated ondemand to show improvement from remediation.

  • A way for small shops to benefit from a tool that manages their HIPAA compliance at a very affordable price.
  • Self-Assessment coming soon (June 30, 2016).
HIPAA Policies and Procedures
  • Complete set of Privacy and Security policies and procedures including Risk Management Plan, Emergency Response and Contingency (Disaster Recovery) Plan, Technology Security Plan, Sanctions, and Breach Notification Plan.
  • If required, customized policies and procedures developed to meet the unique needs of your organization.
  • IT Plan - How to plan, budget & manage your IT systems. Includes a budget template, software key registry, checklist, and vendor list.
  • Written for any staff member to understand and perform.
  • Maintained and updated automatically in CompassDB™ to keep them current further reducing your costs.
Compliance Assessment Dashboard - CompassDB™
  • Web based risk assessment and document management solution
  • Track and manage remediation
  • Reduce time and effort and future costs
  • Provides documentation for compliance requirements
  • Provides off-site access to contingency plans and documents
  • Compliance results are distilled into an easy to understand HIPAA Security Dashboard™
  • Document, Document, Document. This tools logs all the information you need to pass an audit. The Body of Evidence is paramount and CompassDB™ builds that for you as you perform your remediation.
Network Security Scan
  • Network discovery, which creates a required inventory of devices
  • One time scan to identify security vulnerabilities and non-compliance issues across your computers and devices
HIPAA Training
  • Online self-paced courses available for your workforce and HIPAA Compliance Officer with certificate of completion.
  • Custom courses tailored to your customized Policies and Procedures and designed to address Risk Assessment deficiencies that are repetitive across the organization.
  • Available via CompassDB™.
  • Free CE HIPAA Course for Board, Owners, and Management via webinar and recorded video.

Policies & Procedures
  • Includes complete set to operate in complaince
  • Includes Security, Communications, Breach, and Training Plans
Contingency Plan
  • Ready to use
  • A professional Business Continuity and Disaster Recovery plan
Information Technology Plan
  • Professional IT strategy
  • Includes budget, maintenance, security, and contingency planning
  • Finding the right technical support professionals
Continuous Network Security Monitoring
  • All computers and network devices monitored for vulnerabilities, security, changes
  • Can be run nightly, weekly, monthly
  • Dashboard status with easy to understand, yet detailed reports
  • Scans are fully automated
Encrypted and Secure Email
  • The only secure, automated, verified, encrypted email solution
HIPAA Training
  • HIPAA Awareness for entire staff
  • New employee awareness and security training
  • Security Officer
  • Refresher Courses

Determine your HIPAA risk by completing our HIPAA Quick-Check below or at

Steps Towards Compliance MaturityCitationPass?
Policies & Procedures documented & updated periodically? (per HITECH)164.316
HIPAA Training and Education with regular refresher classes?164.308
Enforcement of Policies and Procedures?164.308
Review & discovery of all ePHI at your practice?164.308, 164.312
Business Associate Agreements implemented with all suppliers?164.308, 164.314
Documented Breach Protocols and Notification Processes?164.308, 164.400-414
Completed an annual Risk Assessment (RA) with recorded results?164.308
Automated assessment of all networked devices?164.308, 164.312
Protect ePHI while at rest and in motion?164.312
Independent 3rd party continuous security monitoring?164.308, 164.312

Count the number of Passes

Unfortunately, anything less than 10/10 means you are exposed!

* Quick-Check steps based on HHS HealthIT Guide to Privacy and Security of Health Information document.

Trusted Advisors – We Make Your Life Better

  • Over 65 years of combined experience in healthcare industry.founded
  • Extensive enterprise & healthcare experience.
  • We’re not auditors, we’re operational experts.
  • Providing a complete HIPAA compliance solution.
  • Risk Assessment HHS and NIST SP800 compliant.
  • Corrections and improvements assistance provided.
  • Complete set of required documents.
    • Policies & procedures, security plan, breach & notification plan, contingency plan, training, logging and reporting.
  • Industry leading security tools to help ensure your PHI is secure.
    • Government approved network security tool.
    • Government approved email encryption and verification tool.
  • Continuous monitoring against cyber-attacks and breaches.

No-obligation review of your HIPAA compliance needs.

Call: (512) 310-0020 or Contact Form