TOLL FREE:  877-228-3950


Download our FREE HIPAA-Compliance Cheat Sheet Now!

"We help our healthcare professionals and Business Associates achieve and stay HIPAA-compliant, so they can rest easy about their IT infrastructure without fear of failing an audit and facing heavy fines!"

~ PropellerHeads Client Transformation Credo


(Implementation Services)

Our HUB3i bundled implementation services are for those failing to meet - in part or in whole - all three Standards as laid out by the regulations of HIPAA:  Administrative, Technical, and Physical.  We'll get you up to speed on the major technical and procedural IT components of the Security Rule to become HIPAA-compliant, from both a management and infrastructure standpoint.


From start to finish, we'll get you squared away with not only the mandatory "Required" implementations, but the "Addressable" items as well.  Depending on your needs, we can bundle these services together or create customized packages.


To get you up to a compliance baseline with all three Standards, this is the solution for you!

Administrative Safeguards

  • Risk analysis - internal & external vulnerability testing
  • Log and system monitoring and reviews
  • Information access management for multiple organizations
  • Help create your Information Security Policy and Risk Management Plan
  • Help create your Sanction Policies to keep staff in compliance
  • Identify, document, and response procedures on security incidents
  • Emergency and contingency plans
  • Assemble all necessary agreements with Business Associates, including BAAs, MSAs, and SLAs


Technical Safeguards

  • Create necessary access control measures for server and non-server environments
  • Strict audit controls that monitor device and user activity
  • Encrypt and decrypt ePHI for access control and transmission security
  • Tight authentication measures

Physical Safeguards

  • Network, server, and workstation security safeguards
  • Device and media controls
  • Data backup and storage plans - local and cloud options


Not Sure Where You Stand?

Give us a call, and we'll come out and do a FREE network assessment to uncover any major vulnerabilities.  No obligation or purchase necessary.  Click below to learn more.



(Managed Services)

Our HUB3m is a managed service designed to keep you HIPAA-compliant in all three Standards as laid out by the regulations of HIPAA:  Administrative, Technical, and Physical.  For a fixed monthly amount per appliance, server, and workstation, we can keep you protected 24/7/365!  Furthermore, because we specifically market to the heath care industry, we'll make sure you are always keeping your PHI safe from prying eyes.




Our HUB3m Managed Services include the following...


  • All remote and on-site support tickets are included for each covered device
  • Anti-virus protection for each server and workstation - 24/7/365
  • Mal-ware protection for each server and workstation - 24/7/365
  • Optimization software for all your workstations and servers
  • Hardware and software audits and logging
  • Mobile device management and monitoring
  • Remote control license using LogMeIn, for faster resolution times
  • Windows and 3rd-party patches and updates
  • Full management reporting features
  • Client web portal
  • Assist with BAA management, as needed


To keep you in compliance after a baseline has been established, this solution is for you!


Each Workstation:  Starts at $55 p/month

Each Server:  Starts at $150 p/month

Each Mobile Device:  Starts at $10 p/month

Each Appliance:  Starts at $50 p/month


Don't Need Everything In A Bundled Service?

Scout through our infrastructure service offerings to meet your compliance needs

HIPAA Risk Assessment

Not every HIPAA-Covered Entity (CE) or Business Associate (BA) knows that they are required to have a risk assessment performed.  Those that do, may may have limited resources to invest in their patients' (or their own) protection. For these organizations, we offer you our HIPAA Risk Assessment package.


Your package will include all of the documents automatically organized and prepared by the module, including:


  • HIPAA Risk Analysis

Risk Analysis, required by the HIPAA Security Rule 45 CFR 164.308 (a)(1), includes the implementation of security measures to reduce risk to reasonable and appropriate levels to, among other things, ensure the confidentiality, availability, and integrity of ePHI and protect against any reasonably anticipated threats, hazards, or disclosures of ePHI not permitted or required under HIPAA.


A Risk Analysis is not a one-time activity, but rather a dynamic process that must be periodically executed, at least once annually. The risk analysis will identify new risks or update existing risk levels resulting from environmental or operational changes. The output of the updated risk analysis will be an input to the risk management process to reduce newly identified or updated risk levels to reasonable and appropriate levels.


Depending on the size and scope of changes within your organization, you may be required to run this quarterly.  At a minimum, a Risk Analysis must be executed at least annually.



  • HIPAA Risk Management Plan

Once a Risk Analysis has been executed, the next step in the risk management process is to develop and implement a Risk Management Plan.  The Risk Management Plan ranks individual issues from the Risk Analysis, based upon their potential risk to the network while providing guidance on which issues to address by priority.  Its purpose is to provide structure for the evaluation, prioritize the risks, and implement risk-reducing measures and controls.


The Risk Management Plan's prioritization and mitigation decisions will be determined by answering which controls and measures should be implemented, and the priority in which they should be addressed based upon their "risk score."  The implementation components of the plan include:


  1. Risk score (threat and vulnerability combinations) assigned to a particular issue being addressed;
  2. Recommendation(s) of measures and controls selected to reduce the risk of an issue;
  3. Ongoing evaluation and monitoring of the risk mitigation measures



  • HIPAA Policy and Procedures Document

This document enumerates the required policies and procedures pursuant to 45 CFR 164.308 (a)(1)(i), adopted to comply with technological aspects of the HIPAA Security Rule.  The policies are intended to ensure the confidentiality, integrity and availability of ePHI residing on your networks and computers, and the transmission of data outside of our networks, when appropriate.



  • Evidence of HIPAA Compliance

This document supplements the Risk Analysis and Risk Management Plan and offers substantiation and verification of policy compliance, by providing confirmation of timely performance of recommendations detailed in the Risk Management Plan.



Infrastructure Design & Architecture

Not sure where to start on making your office HIPAA-compliant?  Let us do the leg work for you.  Based on your needs and budget, we can design and implement an IT infrastructure that is tailored just for your business, while keeping you safe, secure, and on-line.


Not sure how secure your network is currently?  Give us a call, and we'll come out and do a FREE, non-intrusive network assessment on your office to uncover any vulnerabilities.  No obligation or purchase necessary.



Project Rate:  Depends on scope of project

Hourly Rate:  Starts at $125 p/hr, designed for smaller scale design where project rate is not needed


Local & Cloud Backups


Got a lot of data that needs pushed up to the cloud?  No worries.  We use AWS' Snowball service to copy all your files to their encrypted external drive (we'll provide this) and ship it back to them.  They then export those files into your AWS S3 bucket repository, that we create on your behalf.  Better yet, we do all this setup and leg work for you, so you don't have to worry about any of it!


Not sure if you need this?  Hint, if you're in healthcare, you're required to have this in place.


Server License Pricing:

Server Software:  $999 p/server

Annual Definition Updates:  $299 p/server

Initial Seeding to Cloud Server:  Starts at $300 (includes AWS NAS for all your files, setup, and configuration)

Service Rate of Initial Baseline Push of Your Files to Cloud:  Customized project rate, or hourly rate of $135 p/hr, depending on amount of data

Server Cloud Management Plans:  Start at $60 p/month and covers all support tickets, once baseline files are uploaded


Workstation License Pricing:

Workstation Software:  $50 p/workstation

Workstation Cloud Management Plans:  Start at $60 p/month and covers all support tickets

Service Rate of Initial Baseline Push of Your Files to Cloud:  Customized project rate, or hourly rate of $135 p/hr, depending on amount of data


Workstation & Server Optimization & Security

Got a bug on your computer or server?  We can help get it off before it spreads to your other workstations and servers.  We can clean off even the worst of infections, helping keep your critical PHI data safe.  We'll then work with you on implementing a plan of attack that dramatically lowers these intrusions in the future.


If you need just basic IT services for break-fix situations, this is the service for you!




Workstation:  Starts @ $125 - p/hr

Server:  Starts at $135 p/hr



Email Solutions

We offer cloud email solutions, which have the benefit of no on-site infrastructure cost in equipment.  Plus, you'll meet the HIPAA-compliance requirements of encryption at rest and transport of emails, as well as Disaster Recovery, since email and equipment are housed off-site and continuously backed-up, to ensure business continuity.  From Microsoft Exchange Server Online to Google G Suite solutions, we've got you covered in the email arena!



Got Questions?


PropellerHeads, Inc. BBB Business Review
SSL Certificate
© 2017-2018 PropellerHeads, Inc.

Privacy Policy