HIPAA Risk Management

We make HIPAA compliance simple easy and affordable. Everything you need to get compliant is in one tool. No more spreadsheets!

Powered by CyberCompass®, we save you time and money. For less than $60 a month you get everything you need, saving up to 400 work hours.

While healthcare is not the most targeted industry for cyber attacks, it has the highest number of breaches. The cost per record on healthcare breaches is around $400.

Why does PHI have such a high value? A credit card can be canceled but your medical history cannot. Once a thief has PHI, they can set up a new identity, open credit cards, obtain prescriptions and file false insurance claims. They can even affect your criminal record.

Are you doing your best to protect your patients?

Create a Cyber Secure Culture

Healthcare is the only industry that has a greater threat from the inside than from the outside. According to Verizon Data Breach Report, 56% of healthcare breaches started from the inside.

Contributing factors include:

Human error

Abuse of access, usually for fun or curiosity

Malicious intent

Training is not only a requirement, but an important element to creating a cyber secure culture. Get your employees on the same page and align expectations from top to bottom. Our affordable, on-demand training for employees and administrators will help you take the first steps toward cyber safety.

Be Empowered to Manage HIPAA Cyber Risk

HIPAA risk management and compliance goes beyond technology.  Anti-virus software is not enough for holistic protection. We help you cover your people, processes, technology and vendors.

Cover your PEOPLE with on-demand training

Cover your PROCESSES with updated policies and procedures

Cover your TECHNOLOGY with network vulnerability scans and penetration testing

Cover your VENDORS with built in vendor management

We offer a complete set of cyber risk management services to help you become cyber confident with our easy and affordable HIPAA compliance in a box. Whether you need a few features or a full security makeover, we’ve got you covered.

HIPAA Risk Management Software

Third Rock offers CyberCompass® automated compliance software with built-in expertise that translates HIPAA government requirements into layman’s terms. It does most of the heavy lifting with the analysis and compliance documentation to streamline HIPAA compliance workflow.

It is cloud-based, so it can be accessed anywhere with no software download. You don’t have to be a HIPAA or cybersecurity expert to use CyberCompass®.

Our automation can save your firm over 400 hours in twelve months on becoming and staying compliant.

  • Answer one set of simple yes/no questions
  • Flexibility to start and stop – CyberCompass® saves your progress
  • Compliance gap report to gain visibility into your non-compliance
  • Built in step-by-step guide to fix issues and get compliant quickly
  • CyberCompass® online vault to save your “body of evidence” in one place
  • Monitor your compliance for 12 months with dashboards and reporting


How CyberCompass® works

It has greatly improved our ability to keep our compliance manuals, projects, audits and policies organized. Having a one-stop place for everything compliance related is fantastic.

Richard Hughes, South Texas Spinal Clinic


Free Trial






Your Text

Your Text

Your Text

Your Text

Your Text

Your Text

Your Text

Cyber Compass® Features

Know your vulnerabilities

Online security risk assessment with simple yes/no survey

Autogenerated prioritized risk analysis and report

Prioritized Corrective Actions

Build Resilience with Automation

Step by step guide to correct issues

Project management tool tracks issues and their status

Complete Business Associate compliance management 

Stay Vigilant

Executive dashboard give accurate, live results

Custom Reporting

Upload and maintain all your documentation in encrypted vault

HIPAA required training

Empowered Risk Management


Billed Annually

Value: $1,400 

Empowered Risk Management + Training 25


Billed Annually

25 employee seats

Training Value: $375

Total Value: $1,650

Empowered Risk Management + Training 50 


Billed Annually

50 employee seats

Training Value: $750

Total Value: $1,900

Professional Services


Contact Us

Rapid Response & Remediation Services

Remediation Assistance

Network Scans & Penetration Testing

Virtual Compliance Officer

Virtual Chief Information Security Officer

Remote Consulting Services

On-site Consulting Services

Only need HIPAA Training? Check out our packages to get your workforce and officers trained.

Every package includes:

  • Fully online course
  • On demand/ Self paced
  • 1 hour staff course in 4 modules
  • 3 hour officer course
  • Progress tracked per person
  • Certificate of Completion


Free Trial


25/2 Package


Billed Annually

Includes up to 25 staff seats 

Includes up to 2 officer seats

Value: $450

50/3 Package


Billed Annually

Includes up to 50 staff seats

Includes up to 3 officer seats

Value: $975

100/5 Package


Billed Annually

Includes up to 100 staff seats

Includes up to 5 officer seats

Value: $1,875