You will get HIPAA compliance consulting, gap analysis and remediation
Top Rated
Project details
Are you navigating the complexities of becoming HIPAA compliant and unsure about the requirements, including the necessity of a BAA agreement? Have you missed out on business opportunities due to non-compliance?
As one of the best security compliance experts on Upwork, I have accompanied dozens of clients in implementing a HIPAA program. My goal is to streamline your journey to HIPAA compliance with a comprehensive approach:
- Initial one-on-one session to understand your HIPAA compliance motivation, business model, and technology infrastructure.
- A personalized analysis highlighting your current compliance status and identifying gaps.
- Collaborative development of action steps for compliance (e.g., updating security protocols or implementing security measures).
- Custom creation of essential information security and privacy policies tailored to your organization's specifics.
- A final review session to ensure all compliance measures are in place.
Let's get in touch!
As one of the best security compliance experts on Upwork, I have accompanied dozens of clients in implementing a HIPAA program. My goal is to streamline your journey to HIPAA compliance with a comprehensive approach:
- Initial one-on-one session to understand your HIPAA compliance motivation, business model, and technology infrastructure.
- A personalized analysis highlighting your current compliance status and identifying gaps.
- Collaborative development of action steps for compliance (e.g., updating security protocols or implementing security measures).
- Custom creation of essential information security and privacy policies tailored to your organization's specifics.
- A final review session to ensure all compliance measures are in place.
Let's get in touch!
Cybersecurity Expertise
Data Protection, Audit, Gap AnalysisTechnology Type
Firewall, IaaS, Computer Network, Data Center, Database, Operating System, SaaS, Web Application, CRM, Email System, ERP, Mobile Device, PaaSCybersecurity Regulation
HIPAA, HITECH, NIST Cybersecurity FrameworkWhat's included $7,000
These options are included with the project scope.
$7,000
- Delivery Time 15 days
- Compliance Plan
- Gap Analysis
- Implementation
Optional add-ons
You can add these on the next page.
Automation Platform
(+ 3 Days)
+$5,000Frequently asked questions
16 reviews
(16)
(0)
(0)
(0)
(0)
This project doesn't have any reviews.
GM
Gus M.
Jan 30, 2025
DPO/CISO - GDRP a, ISO27001, SOC2 Consulting, Implementation, Monitoring
CG
Courtney G.
Oct 25, 2024
HIPAA implementation for the insurtech sector
Great service & responsive. Very knowledgable.
SS
Sonya S.
Oct 1, 2024
Security Complience
Working with Taha was a great experience. They demonstrated professionalism, strong communication skills, and delivered high-quality work within the agreed timeline. Their expertise and attention to detail were evident throughout the project. I highly recommend Taha for any future projects and look forward to collaborating again.
KK
Kunick K.
Jul 30, 2024
vCISO for SOC2
Taha is absolutely fantastic! Our company needed SOC2 compliance, as we started attracting enterprise-level clients, but we had no prior experience. From the beginning, I got a great vibe from Taha on our initial call -- he took the time to understand the specifics, explain the process, and how he could help us.
Throughout the process, Taha was extremely professional, dependable, and responsive. He took full ownership of the project and let us focus on our business. The results speak for themselves, as Taha got us a clean SOC2 report with no exceptions and faster than we expected (2 months!).
I highly recommend Taha for any and all of your security and compliance needs. He knows his stuff, takes the time to explain the details to you, and has experience on the audit side (which is very valuable). Look no further!
Throughout the process, Taha was extremely professional, dependable, and responsive. He took full ownership of the project and let us focus on our business. The results speak for themselves, as Taha got us a clean SOC2 report with no exceptions and faster than we expected (2 months!).
I highly recommend Taha for any and all of your security and compliance needs. He knows his stuff, takes the time to explain the details to you, and has experience on the audit side (which is very valuable). Look no further!
TO
Tradervue O.
Apr 26, 2024
You will get PCI-DSS compliance consulting by a certified security expert
About Taha
Security, Privacy & Compliance - SOC 2 / HIPAA / ISO 27001 / CISO
100%
Job Success
Paris, France - 12:05 pm local time
Ex-Big 4 senior consultant with 10+ years of experience in assisting clients in cybersecurity, IT compliance, AI security management and security risk assessment projects.
❗You have lost contracts because you were not certified?
❗Your clients pressure you to provide them with an information security certification (PCI-DSS, SOC 2, ISO 27001, HIPAA, FedRAMP, CMMC, ISO 42001) ?
❗You don't know what to answer to the security assessment questionnaire you recently received from your biggest client & it's taking too much time ?
❗You don't have time and resources to be consumed by compliance efforts and endless meetings?
❗You are struggling to understand the certification process, the related cost, and the timelines?
❗You just purchased a compliance tool (Drata, Vanta, Thoropass, Sprinto, OneTrust/Tugboat, SecureFrame, Strike Graph, Audit Board, TrustCloud) but don't know the next step or don't have time for it?
Services provided:
📝 Policies & Procedure writing & review
📝 Security gap analysis (based on frameworks on your choice, ISO 27001, NIST, SOC 2, etc.)
📝 IT and Compliance Audits
📝 Performing Risk Assessments, risk treatments, and establishing actions plans & roadmaps.
📝 Evaluation of the existing IT security state of maturity against established standards & regulatory requirements.
📝 Organization-wide security strategy
📝 Support in Governance, Risk & Compliance (GRC) projects
📝 Cloud security governance, management and strategy
📝 Security Operations
📝 DPO service: I can provide you with assistance with regards to GDPR/CCPA compliance, policy writing/reviewing, GDPR gap assessment analysis, and accompanying you in your GDPR compliance journey and Data Privacy requirements.
📝 CISO service: I can provide you with assistance and support in defining your security strategy, putting in place action plans and following up implementation over the long run.
💥WHY ME AND NOT ANOTHER FREELANCER?💥
✅ Big 4 consultant expertise. End-to-end managed security services.
✅ All work is completed by myself, with constant communication with you and taking into account your every remark & need.
✅ Excellent Client Reviews: I focus on providing you with VALUE and earning your TRUST.
✅ Over-Delivering: I focus on GIVING you more than what I expect to RECEIVE. I am happy when my client's expectations are exceeded.
✅ Responsiveness: All lines of communications are open, and I can be reached very easily.
✅ Kindness & Ethics: As security and compliance professional, we hold ourselves to high ethical values, treating everyone with respect, understanding and genuinely IMPROVING my client's situation.
Let's get in touch.
(The hourly rate shown is indicative only, as I adapt depending on the project and client's budget)
Security questionnaire and vendor assessment tools:
CyberGRX, Panorays, KY3P (S&P, PWC), RSM, CyberVadis, SIG, CAIQ, VAS, HECVAT, OneTrust, Graphite Connect, Centrl, Whistic,
Compliance management tools:
Drata, Vanta, Onetrust Compliance Automatization - Tugboat Logic, Sprinto, SecureFrame, Thoropass (HeyLaika), Trust Cloud, Strike Graph, Audit Board, ISMS.online, Instant27001
Security/Compliance frameworks: ISO 27001, SOC 2, FedRAMP, NIST 800-53, NIST 800-171, NIST CSF, TISAX, HIPAA, HITRUST CSF, GDPR, NERC, ISO 27017, ISO 27018, CMMC, CMMI, TX-RAMP, StateRAMP, AZ-RAMP, NY DFS 23 / NYCRR Part 500, PCI-DSS, FFIEC, C5, ENISA, Center of Information Security (CIS), IRAP, ISO 42001
Steps for completing your project
After purchasing the project, send requirements so Taha can start the project.
Delivery time starts when Taha receives requirements from you.
Taha works on your project following the steps below.
Revisions may occur after the delivery date.
Gap Analysis
Remediation & Controls Implementation