Our Team

Michelle Bermea

Michelle works hands on with MyHIPAA Guide workshop participants and subscribers. Her human touch helps people build compentencies in the work of sustaining HIPAA compliance. Michelle received her Bachelor of Arts in Diplomacy and Foreign Affairs from Miami University. Following graduation, she moved to Washington, D.C. where she worked at the Advisory Board Company, a health care research firm; the U.S. Capitol, and the International Monetary Fund. She received her Juris Doctor from American University Washington College of Law in 2012, with an emphasis in health law and international law.


Patrick DeMico

Patrick is leading the launch of an expanded compliance service called Certitude Virtual Compliance, of which MyHIPAA Guide is a partner. His expertise has been invaluable to MyHIPAA Guide, especially in creating a human-centered approach to HIPAA compliance, with an emphasis on building competencies among those who facilitate compliance. Having started his career as a Direct Support Professional (DSP), Patrick advanced to COO/CFO of Passavant Memorial Homes in Pennsylvania. He continues to serve the residential-services community as a consultant, having negotiated more than $14 million in increased funding for PA consumers in 2016 alone.


Jason Edwards

Drawing on experience as Chief Webmaster for Ohio.com, the online news site of the Akron Beacon Journal, Jason leads the ongoing evolution of MyHIPAAGuide.com and implementation of user-friendly solutions to help subscribers. His expertise includes social media applications, development of online communities for sharing information, and HIPAA-compliant communications solutions, including secure email. Jason considers "code" his second language. His talents include photography, graphic design and an amazing understanding of how information flows over the Internet.


Diane Evans

As Publisher of MyHIPAA Guide, Diane writes extensively on issues relating to HIPAA compliance. Recent guest viewpoints have appeared in the Akron Beacon Journal and in Compliance Today, the peer-reviewed journal of the national Health Care Compliance Association. Diane also contributes to the blog of the Center for Health Journalism, University of Southern California, Annenberg, where she is a member. She has authored accredited online courses on HIPAA compliance, available through Pedagogy Inc., based in Troup, Tx., and she speaks extensively on HIPAA compliance in Ohio and beyond. Diane spent the earlier part of her career as a columnist for the Akron Beacon Journal.


Cynthia Jerde

Cynthia is our team leader in developing curriculum for MyHIPAA Guide training programs. Having spent the earlier part of her career on the clinical side of nursing, Cynthia turned her focus to staff training in more recent years, including at Alego Health/Cleveland Clinic in Cleveland and University Hospital of Cleveland. She holds a Bachelor's Degree in Public Health from Kent State University, with a concentration in health education. She is also a Registered Health Information Technician (RHIT). Cindy goes on-site to help with MyHIPAA Guide training and consulting services


Jason Ryan

Jason's artistic skills help us present information about HIPAA in a way that lightens what could otherwise be heavy subject matter. His skills include print design, web design, printing production, multimedia editing and design, photography, photo editing and restoration, and illustration techniques. He is adept in Adobe software, including InDesign and Photoshop. Jason is our go-to guy as we create educational materials that help people through the HIPAA-compliance process. His are the hands behind our online resource pages meant to help compliance managers do their jobs better.

10 Step HIPAA Plan

  • Step 1: Confirm you are a covered entity +

    What's Inside:
    Lists of who is generally covered and who is not, plus contact for inquiries.
  • Step 2: Provide leadership +

    What's Inside:
    • 7-page HIPAA basics
    • 62-page guide to security and privacy of ePHI
    • Compliance Charter Template
  • Step 3: Document processes, findings, and actions +

    What's Inside:
    Templates for Security Policies and Procedures
  • Step 4: Conduct a security risk analysis +

    What's Inside:
    • Guides
    • Short videos
    • Interactive quizzes on risk assessment and contingency preparation
    • 10 common myths

    Interactive tutorial – 156 questions with fill-able PDFs for Windows or iPad. All material from federal sources.
  • Step 5: Develop an action plan +

    What's Inside:
    • 11-page overview on ePHI for small practices
    • 4-page Q&A addresses email with patients
    • Checklists

    Toolkit on 45 implementation specifications
  • Step 6: Manage and mitigate risks +

    What's Inside:
    • Overview of expectations
    • Annual Work Plan Template
  • Step 7: Prevent breaches +

    What's Inside:
    • Form for reporting brief notification
    • Links to details on the notification process and what constitutes a breach.
    • Suite of Training Materials
  • Step 8: Communicate with patients +

    What's Inside:
    FOR ALL:
    Privacy notice templates to help achieve meaningful consent, in English & Spanish.

    Professionals' guide covering 2013 updates on communications.

    Electronic toolkit with patient education and meaningful consent sample materials.
  • Step 9: Update or execute Business Associate Agreements (BAAs) +

    What's Inside:
    • Sample Business Associate Agreement (BAA) provisions
    • Suite of BA Management Tools
  • Step 10: Attest to Compliance with Security Objectives +

    What's Inside:
    • Tip sheets
    • Short videos
    • Overviews

    • 94-page guide on the EHR incentive program
    • Beginners' toolkit on reporting to the government

    All from federal sources.
  • 1