Our Management Team

President and Founder

jhodes@cchipaa.com

Jay Hodes is president and founder of Colington Security Consulting, LLC, d/b/a Colington Consulting and a leading expert in HIPAA regulatory compliance. Mr. Hodes has over 30 years of combined experience in risk assessments, site security evaluation, policy and procedures assessments, and federal law enforcement management.  He is the former Assistant Inspector General for Investigations at the US Department of Health and Human Services, Office of Inspector General (OIG).

Utilizing his expertise in regulatory requirements, inspections and security analysis, Mr. Hodes developed HIPAA compliance services specifically designed for healthcare providers and business associates. Mr. Hodes has been a keynote speaker, providing presentations regarding HIPAA compliance to many professional healthcare organizations.

As an expert in risk assessments, security analysis and regulatory compliance, his background includes:

• Publishing over 50 educational articles regarding HIPAA compliance and a guest post in the Electronic Health Reporter
• Certification by the New Jersey Board of Dentistry and the Maryland State Board of Dental Examiners to provide continuing education classes in HIPAA compliance
• Supervising over 200 special agents and professional support staff responsible for health care fraud investigations and law enforcement efforts throughout the eastern United States
• Assembling and leading an OIG cross-component team tasked with congressional inquiries regarding employee whistleblower allegations of IT privacy issues
• Regularly evaluating and assessing physical security standards for safeguarding employees, office locations, and sensitive law enforcement equipment
• Extensive training from the US Department of Homeland Security, the US Department of State Diplomatic Security Service, and the US General Services Administration
• Actively participating as a member of the Health Care Compliance Association, American Institute of Healthcare Compliance; Healthcare Information and Management Systems Society; American Society for Industrial Security; and the Health Technology Forum: DC.

Mr. Hodes has been interviewed and provided comments to Part B News articles, the Report on Patient Privacy, provided a guest post in the Electronic Health Reporter, interviewed and provided comments to Hospital Access Management regarding HIPAA privacy issues resulting from the Orlando mass shooting incident, interviewed four times by Renal & Urology News and the Virtru.com blog regarding HIPAA requirements and safeguards,interviewed by PracticeSuite EMR as part of their Expert Interview Series, and ABC “World News Tonight” and CNBC regarding OIG training standards.

Vice President – Policy & Client Management

dross@cchipaa.com

Deborah has over 30 years of experience in technical writing, editing, software training, and business document production.

Her specialized background includes:

• Developing customized policies and procedures for HIPAA Risk Management Plans.
• Design, editing, and production of National Baldrige Award applications in the healthcare sector, including the 2011 National Baldrige Award winner.
• Technical writer and editor for an online medical information web portal for Washington, DC and Maryland-based clinicians.
• Writing and designing training materials for a computer-based clinical information system for MedStar Health.
• Writing and designing electronic health record (EHR) tutorials for medical staff and clinicians.

Vice President – Risk Management

Mike Cummings is an experienced consultant and software developer with a decade of experience in the information technology space.

Mike’s background includes:

• Leading infrastructure and application security reviews for large federal government clients including the US Department of Treasury
• Consulting on technical solutions for large-scale medical record and tax data reconciliation processes
• Providing subject matter expertise throughout the design, development, and deployment of public-facing, enterprise web applications
• Helping medical practices identify security vulnerabilities though assessment methods and implement best practice solutions
• B.S. in Information Management & Technology from Syracuse University