Everything you need to pass an OCR audit and survive a ransomware day, without hiring a CISO.
Why this matters now: HHS-OCR fined Novant Health $6.6M in 2024 for one mistake — tracking pixels left firing on appointment pages. Four more settlements since. Most healthcare web vendors STILL ship these pixels by default.
$497
$340 à la carte + can't book a consult
one-time · 30-day refund · ships immediately
HIPAA Tracking-Tech Audit Checklist — 28pp, the same audit that catches the Novant pattern
30-Day HIPAA Hardening Playbook — one task per business day, ~12 hours total
Healthcare Breach First-24-Hour Kit — the crisis checklist for hour-zero
$497 includes the consult. Gumroad version doesn't.
Who this is for
Solo dentists, solo therapists, 1-5 provider clinics
Practice administrators at small specialty practices (cardio, derm, ortho, urgent care)
DPC (Direct Primary Care) practice owners
Anyone who got a patient breach notification and is now panicking
Who this is NOT for
Hospital systems with a dedicated CISO (you have this internally)
Healthcare IT vendors (different scope)
"Not legal advice. Have your counsel review templates before sending. The kit cuts your drafting time from days to hours, not from days to zero." — Lemorris