Colington Consulting

Helping Organizations Achieve HIPAA Complia

About Us

The Team

Jay Hodes - HIPAA Compliance Expert

Jay Hodes - President & Founder

Jay Hodes is president and founder of Colington Security Consulting, LLC, d/b/a Colington Consulting and a leading expert in HIPAA regulatory compliance.  Mr. Hodes has over 35 years of combined experience in risk assessments, site security evaluation, policy and procedures assessments, and federal law enforcement management.  He is the former Assistant Inspector General for Investigations at the US Department of Health and Human Services, Office of Inspector General (OIG).

Utilizing his expertise in regulatory requirements, inspections and security analysis, Mr. Hodes developed HIPAA compliance services specifically designed for healthcare providers and business associates.  Mr. Hodes has been a keynote speaker, providing presentations regarding HIPAA compliance to many professional healthcare organizations.

As an expert in risk assessments, security analysis and regulatory compliance, his background includes:

  • Publishing over 60 educational articles regarding HIPAA compliance and a guest post in the Electronic Health Reporter
  • Certification by the New Jersey Board of Dentistry and the Maryland State Board of Dental Examiners to provide continuing education classes in HIPAA compliance
  • Supervising over 200 special agents and professional support staff responsible for health care fraud investigations and law enforcement efforts throughout the eastern United States
  • Assembling and leading an OIG cross-component team tasked with congressional inquiries regarding employee whistleblower allegations of IT privacy issues
  • Regularly evaluating and assessing physical security standards for safeguarding employees, office locations, and sensitive law enforcement equipment
  • Extensive training from the US Department of Homeland Security, the US Department of State Diplomatic Security Service, and the US General Services Administration
  • Actively participating as a member of the Health Care Compliance Association, American Institute of Healthcare Compliance; Healthcare Information and Management Systems Society; American Society for Industrial Security; and the Health Technology Forum: DC.

Mr. Hodes has been interviewed and provided comments to Part B News articles, the Report on Patient Privacy, provided a guest post in the Electronic Health Reporter, interviewed and provided comments to Hospital Access Management regarding HIPAA privacy issues resulting from the Orlando mass shooting incident, interviewed four times by Renal & Urology News and the blog regarding HIPAA requirements and safeguards,interviewed by PracticeSuite EMR as part of their Expert Interview Series, and ABC “World News Tonight” and CNBC regarding OIG training standards.


Deborah Ross - Vice President – Policy & Client Management

Deborah has over 30 years of experience in technical writing, editing, software training, and business document production.

Her specialized background includes:

  • Developing customized policies and procedures for HIPAA Risk Management Plans.
  • Design, editing, and production of National Baldrige Award applications in the healthcare sector, including the 2011 National Baldrige Award winner.
  • Technical writer and editor for an online medical information web portal for Washington, DC and Maryland-based clinicians.
  • Writing and designing training materials for a computer-based clinical information system for MedStar Health.
  • Writing and designing electronic health record (EHR) tutorials for medical staff and clinicians.


Waseem H. Sheikh - Senior Advisor

Solution Architect - Healthcare

Dr. Sheikh serves as the senior adviser for health information technology at Colington Consulting. He provides guidance and expertise regarding HIPAA compliance requirements related to technical safeguards for our clients.

Dr. Sheikh is an American Health Information Management Association (AHIMA) certified Health Information Management (HIM) professional whose detailed data mapping ensures unparallel tactical and strategic privacy and security protections that exceed regulatory compliance. Working with the Veteran’s Affairs (VA) and Department of Defense (DoD) Electronic Health Record (EHR) Modernization project, he has the rare ability to collaborate with different stakeholders to reach consensus by re-engineering the clinical workflows and IT infrastructure to offers a solution that not only increases process efficiency and enhances patient satisfaction, but also minimizes or mitigates risk.

Often called upon by healthcare organizations, law firms and emerging technology start-ups to determine project requirements, he can analyze current state tasks and propose future state viable solutions. With a unique internal medicine physician and strong technical background, he can liaison with the clinical practitioners at their level to translate their specific needs for software engineers in the development of mobile applications from concept to delivery. Also, as a Healthcare App Development SME, he can design the front-end User Interface Experience for Clinical Practitioners that is efficiency driven, extremely intuitive and visually appealing while deploying the NIST Cybersecurity framework at the back end to meet integrity, access and encryption standards.