About ecfirst, Home of the HIPAA Academy

Devoted To Our Clients. Delivering with Passion.

ecfirst, Home of The HIPAA Academy™, is a leader with rich hands-on experience delivering world-class services in the areas of:

  • Security regulatory compliance solutions (HIPAA, HITECH Act, PCI DSS, NIST and ISO 27000 Standards, State Regulations)
  • Compliance training and certification
  • HITECH data breach and incident response management
  • End-to-end Meaningful Use EHR Stage 1 objective driven services including gap assessment, risk analysis, reporting and more
  • Health Information Technology (IT) services including On-Demand Consulting (starting @ 40 hours), Management Compliance Services Proposal (MCSP), IT professional staffing and project management, customized portal development and security technology implementation

Compliance and Training Certification

ecfirst, home of the HIPAA Academy™, offers the gold standard in compliance training and certification. The HIPAA Certified Security Compliance Specialist™ (CSCS™) and Certified HIPAA Professional (CHP) certifications are the only certifications recognized in the Industry. The ecfirst Certified Security Compliance Specialist™ (CSCS™) Program is the first and only information security program that addresses all major compliance regulations from a security perspective.

ecfirst delivers world-class information security and regulatory compliance solutions. With over 2,000+ clients, ecfirst was recognized as an Inc. 500 business – America’s Top 500 Fastest Growing Privately Held Business in 2004 – our first year of eligibility. ecfirst serves a Who’s Who client list that includes technology firms, numerous hospitals, state and county governments, and hundreds of businesses across the United States and abroad. A partial list of clients includes Microsoft, Symantec, HP, McKesson, EMC, IBM, Principal Financial, U.S. Army, U.S. Dept. of Homeland Security, U.S. Dept. of Veterans Affairs and many others.

 Regulatory Compliance Practice

The ecfirst Regulatory Compliance Practice delivers deep expertise with its full suite of services that include; HIPAA Privacy Gap Analysis, Meaningful Use Risk Analysis, HITECH Data Breach, Technical Vulnerability Assessment, Policy and Procedure Development, Disaster Recovery Planning, On-Demand Consulting, as well as managed security and IT infrastructure solutions.

ecfirst Differentiators

ecfirst combines state of the art tools, the highest credentialed staff, and reporting that maximizes value, efficiency, and information for our clients to deliver the industry’s best technical vulnerability assessments.

Critical ecfirst differentiators include:

  • Home of The HIPAA Academy™ – First in the healthcare industry with the Certified HIPAA Professional (CHP) and Certified Security Compliance Specialist™ (CSCS™) programs
  • Highly credentialed professional consulting team with expertise in HL7, ICD-9/10, HIPAA, HITECH, Meaningful Use
  • Deep experience in the healthcare industry
  • Compliance based vulnerability assessments
  • Executive dashboards that may be tailored for senior management to highlight critical findings

Talk to ecfirst and you will find an organization that is passionate about the services we deliver and exceptionally devoted to its clients. We deliver value with intensity and are confident about our performance with your organization.

Ali Pabrai, chief executive of ecfirst is a highly sought after security and compliance expert. He is also author of the executive brief Cyber Security Strategy: The 4 Laws of Information Security.

Pabrai was the first to launch a program focused on global information security regulations, the Certified Security Compliance Specialist™ (CSCS™) program. The CSCS™ program addresses PCI DSS, FISMA, ISO 27001/27002, FISMA and other security regulations and standards. Pabrai is a proud member of the U.S. FBI InfraGard.

Read more about Ali Pabrai and Cyber Security

Connect with Ali Pabrai on LinkedIn


ecfirst is a leader with rich hands-on experience delivering Information Technology (IT) and Regulatory Compliance solutions. ecfirst specializes in bringing you exceptional value with its full suite of services that include managed security and IT infrastructure solutions.

Your Challenge – Our Priorities

The ecfirst business model is client-driven. Every engagement with our client results in a delivery team that brings in not just expert domain knowledge but exceptional industry and associated regulatory compliance experience.

The typical ecfirst client is a medium to large-sized organization in industry verticals that include financial, health care and government (state, county, and federal). Having successfully completed many projects, ecfirst is positioned to assist you in the specific areas of:

  • IT Infrastructure Management
  • Web Application Development
  • Services Oriented Architecture (SOA) Design & Development
    • Review of Existing Architectures
    • Modification of Architecture for Optimum SOA
    • Implementation of Solutions in Support of SOA
  • Information Security
    • Vulnerability Assessment (Penetration Testing)
    • Managed Security Services including 24×7 Nationwide Network Monitoring
  • Regulatory Compliance (HIPAA, FISMA)
    • Risk Analysis
    • Audit & Evaluation
  • Contingency Planning & Business Impact Analysis (BIA)
    • Disaster Recovery Consulting
  • Staffing
    • Project Managers
    • HIPAA Security Officers and Professionals
    • Business Continuity Professionals
    • Web Architects and Senior Developer

The ecfirst GUARANTEE

We will not be satisfied unless you are. That is an ecfirst guarantee we take enormous pride in! The ecfirst GUARANTEE includes:

  • Delivery/implementation team members are certified professionals with credentials such as CISSP, CBCP, and CHSS
  • Expert regulatory compliance experience that can be leveraged by your organization – Sarbanes-Oxley, FISMA, HIPAA and others
  • Experience with industry accepted standards and publications that include the NIST Special Publications SP-800-Series and the ISO 27000
  • Hands-on experience from your industry – health care, financial, and government (state, county and federal)

Our Commitment to You

You will find us to be an organization that listens intensely to understand your challenges. We will work closely with you to develop a proposal and a solution that meets your requirements. Our proposals are typically delivered within 1 business day and are constructed to deliver exceptional value including fixed price, a flexible engagement model and a single point of contact.

Talk to us today. We can be reached at +1.877.899.9974 x23

Welcome to the ecfirst Resource Center!

In the resource center, you will have access to:

ecfirst delivers world-class information security, regulatory compliance solutions and its professional services team enables businesses address IT staffing challenges every day. ecfirst facts include:

  • Over 2000 clients in 9 years of business
  • Recognized as Inc. 500 business in 2004 – our first year of eligibility
  • Successfully delivered fixed bid projects across the United States
  • Focused in the areas of IT staffing, compliance and information security

A partial list of who’s who ecfirst clients includes EMC, IBM, Principal Financial, U.S. Army, U.S. Dept. of Homeland Security, U.S. Dept. of Veterans Affairs and many others.

Call us at +1.877.899.9974 x23 (or +1.515.444.1221) to discuss your IT challenges.