SPIN Compliance Solutions is the premier hands-on HIPAA, MACRA/MIPS, OSHA, Stark Law, and Anti-Kickback Statute Compliance Training Company serving medical practices in the continental US. We have been passionately saving physicians from compliance penalties since 2018. Our mission is simple... Take the time and frustration out of keeping your practice compliant so you can focus on your patients and practice.

If you want to take the frustration out of keeping your practice compliant then you won’t find an easier solution. Our hands-on compliance training and security audits provided by our exceptionally trained staff make it possible for you to focus on your practice. Contact us now so we can take the headache out of keeping you compliant today.


The Health Insurance Portability and Accountability Act (HIPAA) protects a patient’s personal health information from being used or disclosed illegally by a covered entity. Most doctors don’t understand the issues that they can, and will, face should they be out of compliance.

Here are a few of the things that HIPAA requires:

Designate a HIPAA privacy and security officer

This individual should be responsible for developing and implementing the HIPAA compliance program. The security officer, or officers in some larger medical practices, should receive privacy or security officer training and should have the authority to act and the resources to follow through. 

Develop and implement HIPAA policies and procedures.

The policies and procedures should be specific to the medical practice.  The policies and procedures should be specific to exactly how the practice plans to secure patient data, respond to patient requests for medical records, and other medical information issues. In the eyes of government auditors, the only thing worse than not having a policy is having a policy and not following it.

We specialize in HIPAA, MIPS, OSHA, Medicare/Medicaid Audits, and more. View our services and see how we can help your medical practice today.

Provide HIPAA training to all staff members.

 Medical practices should conduct an SRA every year, and another one, if necessary, after any HIPAA breaches or complaints are filed.  The SRA is not a once and done type report.  It is an ongoing requirement in order to remain in compliance with HIPAA.

Complete a gap analysis and security risk analysis (SRA) to determine the current state of HIPAA compliance.

All staff, including physicians and other clinicians, should be fully trained on HIPAA’s requirements, as well as what the practice requires.  Established staff should have HIPAA review training every 6 months to a year, but each new employee should go through the full training.

Providing The Best Hands-On HIPAA Compliance Training Programs To Medical Practices in St. Louis, MO., Atlanta, GA., Houston, TX., Philadelphia, PA., Hershey, PA., Oklahoma City, OK., Reno, NV., Orlando, FL., Detroit, MI., Orange County, CA and the continental United States.

HIPAA Compliance & IT analysis by SPIN Compliance. We tailor a comprehensive HIPAA Compliance & IT analysis program based on your individual needs.

Make sure that all your vendors that create medical data on your patients have signed Business Associate Agreements.

Any vendor or third party that creates, maintains, etc., patient data, should have signed a Business Associate Agreement with your practice.  Without these in place, your practice is violating HIPAA and it can cause huge fines, penalties, and other issues.

HIPAA is an ongoing compliance plan that must be updated, followed, and enforced on a regular basis.  Practices should factor into their budgets the resources, time, and money necessary to ensure compliance with HIPAA.


The steep price of fines, penalties, lawsuits, and other settlements makes the cost of a comprehensive compliance program look extremely reasonable.  To be fully compliant with HIPAA requires funding, planning, implementation and ongoing monitoring. A medical practice’s level of compliance determines the time and monetary costs of becoming HIPAA compliant.

Our program offers cost-effective solutions to organizations so you can avoid HIPAA audits and monetary fines. Call Us Today!