HIPAA Compliance Consulting

HIPAA Compliance Made Approachable

An approachable HIPAA compliance platform for covered entities and business associates - with a clear plan to assess risk, fix gaps, train staff, and stay compliant.

Solo providers • small practices • vendors/MSPs • growing teams

Book a Free HIPAA Risk Triage Call View HIPAA Services
Trusted Since 2015 Zero Failed Audits. Ever. Direct Access to a Compliance Expert
"One Guy Consulting is great at what they do! I was intimidated to start work on this project, but nothing was further from the truth! Chuck was so professional and welcoming."
Jennifer M.
The Process

How It Works

From first login to full compliance, we guide you through four clear steps. That includes the HIPAA security risk assessment.

Assess and Analyze Automatically

Choose a Privacy Officer. Complete your Security Risk Assessment. Then get your Gap Analysis and Remediation Plan.

Adopt and Attest

Review and publish your policies. Then have staff complete attestation, HIPAA 101 training, and cybersecurity training.

Audit and Execute

Manage vendors, sign Business Associate Agreements, review vendor risk, and finish your site, device, and IT audits.

Anonymous Incident Reporting

Each account includes a way to report PHI incidents. Staff can report issues anonymously, and your Privacy Officer gets clear next steps.

Ready to get started?

Tell us where you are with HIPAA. We'll tell you what to do next.

Book a Free Demo of Our Solution
Chuck Weiselberg, Founder of One Guy Consulting
NYC-Based • Nationally Available

Meet Chuck Weiselberg

Founder & CEO | Certified HIPAA Professional (CHP)

Since 2015, Chuck has helped organizations build practical HIPAA programs that hold up in the real world. He is based in New York and works with clients across the country. See the complete HIPAA compliance guide for a practical overview.

He makes complex rules easier to follow and leads with empathy, clarity, and steady guidance.

Schedule a Call with Chuck
Chuck Weiselberg HIPAA intro video thumbnail
What We Offer

Products

Get the HIPAA help you need in one place, from gap analysis guidance to hands-on support that helps you finish the work.

HIPAA Security Risk Assessment

HIPAA Gap Analysis

HIPAA Remediation Plans

HIPAA Policy Templates

Staff HIPAA Training

Physical Site Audit

Device & IT Audits

Unauthorized Disclosure of PHI Reporting

Client Reviews

What Our Clients Say

Real reviews from real clients on Google.

★★★★★
"One Guy Consulting is super easy to work with. I actually look forward to my implementation meetings for HIPAA."
Samantha M.
★★★★★
"We've been working with One Guy Consulting for years and always been very pleased with the results."
Katie M. — Local Guide
★★★★★
"One Guy Consulting is great at what they do! I was intimidated to start work on this project, but nothing was further from the truth! Chuck was so professional and welcoming. He was always happy to clarify questions I had. They really knew how to put me at ease. Thanks so much, One Guy Consulting! Special shout-out to Chuck for getting me across the finish line."
Jennifer M.

Reviews verified on Google Business Profile

Professional Endorsements

What Colleagues Say

Recommendations from professionals who have worked alongside Chuck.

"Charles is a master of automation, allowing him to operate with the output of a much larger team while working as a department of one."
Omar Barazanji - Machine Learning / MLOps / Agentic AI Engineer - View on LinkedIn
Simple Pricing

Pricing

Flat-rate HIPAA compliance plans for covered entities and business associates. See how long HIPAA compliance takes.

Annual plans are prepaid and include 2-year loyalty pricing. Monthly plans stay flexible for teams that want a lower-commitment starting point.

Need Only One Piece?

Browse our A La Carte Catalog

The main plans above are still the simplest path for full HIPAA coverage. Use the catalog only if you already know which narrower deliverable or workflow you want.

Browse A La Carte Options
Self-Guided
Standard pricing
$199/mo $2,000/yr
$675/yr
Charged annually for a one year subscription.
  • Security Risk Assessment
  • Auto-generated Gap Analysis & Remediation Plans
  • Policy & Procedure Templates
  • Staff Training
  • Track Staff Training Progress and send reminders as needed
  • IT Inventory Audit, IT Network Audit, and Physical Site Audit
  • Vendor Management with digital Business Associate Agreement execution
  • Incident Management System w/ Anonymous Reporting
Choose Annual Self-Guided
Or
Loyalty Discount
$1,175/24 mos
2-year prepaid plan — $1,175 for 24 months.
Choose 2-Year Self-Guided Plan
Most Common
Full-Scope
Standard pricing
$399/mo $4,000/yr
$1,300/yr
Charged annually for a one year subscription.
EVERYTHING IN SELF-GUIDED, PLUS:
  • 4 Hours 1:1 with Chuck for personalized implementation
  • Expert Help from Day One
  • Incident Response guidance
  • Unlimited Support
  • Best Practice Recommendations
  • RFP (Request for Proposal) Audits
  • HIPAA Security Rule implementation
Choose Annual Full-Scope
Or
Loyalty Discount
$2,300/24 mos
2-year prepaid plan — $2,300 for 24 months.
Choose 2-Year Full-Scope
FAQ

Frequently Asked Questions

Any group that handles Protected Health Information (PHI) must follow HIPAA. That includes providers, health plans, and business associates like IT vendors, billing companies, and cloud providers.
Our HIPAA compliance process takes about 1–2 months. We work at your pace to ensure nothing is rushed or overlooked.
An SRA is a yearly HIPAA risk review. It finds risks to electronic PHI and helps you decide what to fix first.
HIPAA violations can lead to fines from $100 to $50,000 per violation, up to $1.5 million per year. In serious cases, they can also lead to criminal charges and loss of trust.
Yes. HIPAA compliance is ongoing. We help with yearly SRA updates, policy reviews, staff refreshers, and day-to-day questions.
A HIPAA gap analysis shows where you do not yet meet the rule. In our tool, it is created right after you finish the security risk assessment.
A HIPAA remediation plan shows what needs to be fixed and the steps to fix it. Ours are created automatically after the SRA.
No. We provide policy templates tuned to HIPAA requirements. You tailor them to your organization rather than writing from zero.
Each staff member should complete policy attestation, HIPAA 101 training, and cybersecurity awareness training each year. Our platform tracks all of it.
No. One Guy Consulting is not a law firm and does not give legal advice. You should talk to an attorney before making major legal or business decisions.
Self-Guided is built for Privacy Officers and compliance professionals who already understand HIPAA requirements and need a platform to centralize their compliance work — risk assessments, policies, training tracking, and audits — without hands-on consulting. Full-Scope is built for organizations that need guided implementation. You get 1:1 consulting hours with Chuck plus all platform tools, so you are never working through requirements alone. Choose based on your team's HIPAA experience, not price. Self-Guided assumes working knowledge of HIPAA rules. Organizations without in-house compliance expertise will get more value from Full-Scope.
Cost depends on organization size, complexity, and how much support you need. Our Self-Guided plan starts at $199/month and Full-Scope starts at $399/month. Both include the full platform — risk assessments, gap analysis, policies, training, vendor management, and audits. See our HIPAA compliance cost breakdown for a detailed look at what drives pricing across the industry.
One Guy Consulting does not handle PHI as part of our service, but we are happy to sign a BAA with your organization if you would like one in place.
Onboarding follows four steps: (1) Choose a Privacy Officer and complete your Security Risk Assessment to get your Gap Analysis and Remediation Plan, (2) Review and publish your policies, then have staff complete attestation, HIPAA 101 training, and cybersecurity training, (3) Manage vendors, sign Business Associate Agreements, review vendor risk, and finish your site, device, and IT audits, (4) Set up anonymous incident reporting so staff can report PHI issues and your Privacy Officer gets clear next steps. Most organizations complete the process in 1–2 months.
Resources

Featured HIPAA Resources

HIPAA Compliance Essentials for 2026

Use this as a practical roadmap for building a complete compliance program.

Learn more

What Is HIPAA? The Complete Beginner’s Guide

Understand what HIPAA requires, who it applies to, and why it matters for your organization.

Read the HIPAA overview

Protected Health Information (PHI): What Counts and What Doesn’t

Learn what qualifies as PHI, the 18 HIPAA identifiers, and how to handle it properly.

Explore the PHI guide

Business Associate vs Covered Entity: Key Differences

Understand role boundaries so contracts, obligations, and audits stay clean.

Learn more

Patient Rights Under HIPAA: A Provider’s Guide

Understand the access, amendment, and disclosure rights your patients are entitled to.

Read the patient rights guide
Industries Served

Specialties We Serve

Dental Practices Mental Health Providers Medical Clinics Pharmacies IT Vendors & MSPs Healthcare Startups EHR Companies Hospitals Billing Companies Skilled Nursing

And any/all other healthcare providers or business associates that handle PHI.

Get In Touch to discuss your HIPAA challenges

If HIPAA work feels stalled, confusing, or overdue, reach out and we will help you map the next steps.

Free HIPAA Triage Call