ecfirst Clients 1,000s

of ecfirst Clients

Continents 5

Clients in Continents

U.S States 50

Clients Across All U.S States

certificate 20,000

Trained/Certified Professionals

credientials 3

Established Cybersecurity Credentials


Risk Analysis

It is a HIPAA & HITECH Meaningful Use Mandate. Small Practices, large health systems, business associates must comply. Conduct a risk analysis exercise annually.

Vulnerability Assessment

Compliance mandates require the infrastructure to be assessed from the outside (external), from the inside (internal), firewall (DMZ) and wireless.

On-Demand Consulting (ODC)

ODC provide your organization with access to specialized compliance and security resources with no short- or long-term commitment.

Managed Cybersecurity Services Program (MCSP)

MCSP designed to assist organizations, including business associates manage cybersecurity requirements, security & core components of the infrastructure.

News & Events

Read More

Client Testimonials

Rockford Health System

ecfirst provides excellent value across a comprehensive portfolio of first rate solutions for regulations such as HIPAA | HITECH compliance, risk analysis, social engineering, vulnerability assessment, disaster recovery and business continuity. ecfirst is an excellent business partner that focuses on long term, successful relationships through consistently successful project delivery.

Joe Granneman
Chief Technology Officer (CTO) & Chief Security Officer (CSO)


We have come to rely on ecfirst as our partner for HIPAA and HITECH compliance. As a preferred client in the ecfirst Managed Compliance Services Program (MCSP), ecfirst makes sure that we do the right things at the right times with critical mandates. We have come to rely upon their expertise and are secure in knowing that we are getting the best advice possible. We would highly recommend ecfirst to any covered entity or business associate.

Lawrence Roberts, Principal
Integrated Health Management Services, LLC

Prime Healthcare

Prime Healthcare and its network of hospitals are excited to have exclusively selected ecfirst, home of the HIPAA Academy, to address HIPAA and HITECH regulatory compliance mandates. The engagement is based on the ecfirst Managed Compliance Services Program (MCSP) which is a complete end-to-end comprehensive compliance solution that addresses risk analysis, technical vulnerability assessment, policy development, social engineering, business impact analysis, creation of a disaster recovery plan, as well as on-demand remediation services for risk management (corrective action plan).

Corporate Marketing

Northwest Community Healthcare (NCH)

Ensuring secure and appropriate access is not just a compliance requirement, but vital for protecting confidential patient information. Northwest Community Healthcare (NCH) has been very fortunate to find a partner in ecfirst to address several compliance challenges, be it HIPAA, HITECH, PCI DSS or the FACTA – Red Flags Rule. NCH has been an early adopter of the ecfirst Managed Compliance Services Program (MCSP) which provides a comprehensive framework to address areas such as Business Impact Analysis (BIA), Disaster Recovery Plan (DRP), Risk Analysis, Vulnerability Assessment, Security Remediation, Training, Certification, Policy Updates and more. ecfirst has been a highly valued and responsive partner in its role to enable NCH to be a more trusted hospital

Suresh Krishnan
Chief Technology Officer (CTO) & Information Security Officer (ISO)

State of Illinois, Department of Human Services

I discovered ecfirst, Home of the HIPAA Academy, when I made an application to the National HIPAA Summit in Washington DC. As part of the application process, HIPAA Academy’s HIPAA certification courses were offered. I highly recommend the ecfirst and The HIPAA Academy certification courses.

Peg Tanner
HIPAA Chief Privacy Officer


Aultman Hospital in Ohio provides a broad spectrum of healthcare, with renowned specialties in emergency, acute, and primary care. The privacy and security of patient information is of vital importance to the organization. It is for this reason we selected ecfirst, Home of The HIPAA Academy, to conduct on a regular schedule a thorough and comprehensive review of our safeguards around PHI across the enterprise. ecfirst came across as a diligent organization, exceptionally professional and responsive to all our requirements, be it policy review, risk analysis or technical vulnerability assessment. A relationship of trust has been established and we have no hesitation in recommending ecfirst

Barbara J. McGill, AAB, CHP, CSCS™
HIPAA Security Officer/Analyst

Our Clients

MediSys Health Network
Beacon Health
Aultman Health Foundation
Provant Health
Bright Outcome