Call Now (208) 904 - 3710

HIPAA compliance is complex. We simplify it. Better than that, we do most of the heavy lifting for you. Our risk assessments uncover your vulnerabilities and address them before they become a problem. Experts on policy and procedure, we give you more time with your patients by minimizing your time in the back office.

IT is expensive. We know what you need, and what you don’t. Our recommendations help you minimize IT investment, and our training helps boost adoption and compliance among your staff. Experts in information security, we work closely with your compliance and security officers to reduce your business costs by reducing your compliance costs.

At a price you can afford. Our risk management services provide worry-free HIPAA/HITECH compliance and come with year round support. Have a question and need a little help? Call us – we’ll answer your question for FREE. You’re good at treating patients, we’re good at HIPAA compliance.


At this point it shouldn’t be a surprise – HIPAA audits are picking up steam. Practices of ALL sizes are in the cross-hairs and the fines are steep.

Fortunately, at Khan & Marshall it costs much less to be prepared.


We know HIPAA compliance.

You have a pretty good handle on it too, but you still worry that your bases are not covered.

The Final Rules are now final.

Are you up to date with the latest changes? The implementation dates for full compliance have all passed and audits are under way.

OCR requires you to audit.

And they recommend a snapshot look from the outside in. Internal audits are time consuming for staff and, OCR warns, susceptible to unintentional bias and misperception.

OCR is required to audit you.

Breach? Incident? Investigation? Breathe easy while we walk you through the next steps.

Enforcement and Sanctions are part of the rules.

You have policies and procedures. Your staff has been trained and informed. What happens when they err?

You are doing great – your log books show you are error free!

Error free sounds like a good thing, but we can tell you why this is a red flag to OCR auditors.

Willful Neglect is a low hurdle.

The penalties are now much more serious.  They can include criminal charges.  And jail.

The faces are changing.

As staff come and go, have you covered information security requirements for those retiring, terminated or exiting?

You invested in great IT with all the bells and whistles.

Are you getting the most bang for your buck? Your ROI depends on staff fully adopting and understanding the technology’s features to provide the best patient care in the most efficient way possible.

Your clinical staff are multi-tasking.

Is your practice too small to hire designated compliance and security officers? Most of their compliance responsibilities can be supported by third-party business associates – like us!

Group training was an all-day event complete with catered breakfast and lunch on paid time for staff. Thank goodness that’s done!

Actually, training is an ongoing process. You’ve hired new staff but everyone is so busy taking care of patients that the only training they got was the “short” version.

Your practice is busy and growing!

Outgrown your current policies? Procedures no longer a good fit? They may need review to ensure they are still practical, yet adequate for compliance. Your staff wants to work efficiently, but are nervous about where boundaries are.


Many providers believe that an audit will result as a slap on the wrist.


To date, OCR has settled cases resulting in a total dollar amount of $48,679,700.00.


Complaints Remaining Open


Complaints Resolved


Complaints Received


Corrective Action Obtained




Complaints Investigated

Source: OCR

Your email will not be disclosed or used for any other purpose


  • Entrada Billing
  • Alpine Dermatology
  • Ridge Crest Dental
  • Wholesome Health
  • Grand Teton Child Neurology
  • SmileMakers Dental Pocatello, Twin Falls
  • Peterson Periodontics, Idaho Falls, Jakson Hole
  • Wholesome Health
  • Grand Teton Child Neurology
  • Grand Teton Child Neurology


Creek Side Dental

I have been pleased with the services provided by Khan & Marshall.  Very knowledgeable about options and how best to fix problems.

Ryan T. Kidman, DDS. Owner Creekside Dental, Idaho Falls
Idaho Kidney Institute

Ali from Khan & Marshall was very thorough and professional and helped us create a completely safe environment for our patient personal and health information giving us peace of mind.

Michael J. Haderlie, M.D. Administrative Partner, Idaho Kidney Institute, LLPPartner, Idaho Kidney Consultants, LLCMedical Director, Idaho Kidney Center, Idaho Falls, Idaho
Idaho Kidney Institute

I am very satisfied with Khan & Marshall. We hired Khan & Marshall for a HIPAA compliance audit.
The process was organized, efficient and very comforting. After an initial risk assessment they
provided us with the required policy documentation and trained our staff to follow them.

Amber Vaughan Office Manager & HIPAA Compliance Officer Idaho Kidney Institute


  • Hewlett Packard Enterprise