Welcome to visuaFUSION's Phishing Simulator

Helping small health care organizations manage phishing risk

Phishing remains one of the most leveraged means of attack against health care organizations of all sizes, but small health care organizations are especially vulnerable due to the lack of dedicated IT security personnel. Often times, small health care organizations rely on a single "IT Person" wearing many hats to manage all aspects of IT. This results in either not managing the threat phishing poses to an organization at all, or overpaying for a vendor solution offering much more features than small health care organizations need and end up having time to use.

Get started FAQs

More +

visuaFUSION's Simulated Phishing service offers a platform to identify, track, and manage phishing risk in your organization over time, at a price point exclusive to small health care that is much more budget friendly to the budget available to small health care organizations.

Pricing plans

Purchase plans
Filter Type: View plans based on your organization type
Note: Activation of the plan will occur pending manual admin validation
Note: If you downgrade plans, you'd keep the number of remaining unused campaigns as well as maintain the number of org domains for the remainder of that year
Basic Package (Small Health Care)
- For 12 months
$479.99
Billed Annually

    Simulated Phishing Once-per-Year

    1. 1 Simulated Phishing Campaigns per-year
    2. Limited to 300 recipients
    3. 2 Test Campaigns
    4. Targeting Recipients within 1 domain
    5. Up to 2 admin users
    6. Billed Annually
Standard Package (Small Health Care)
- For 12 months
$679.99
Billed Annually

    Intended to cover twice-per-year phishing simulation campaigns

    1. 2 Simulated Phishing Campaign per-year
    2. Limited to 300 recipients
    3. 4 Test Campaigns
    4. Targeting Recipients within 1 domain
    5. Up to 3 admin users
    6. Billed Annually


Premium Package (Small Health Care)
- For 12 months
Most Popular
$1119.99
Billed Annually

    Intended for Quarterly Phishing Campaign Simulations

    1. 4 Simulated Phishing Campaigns per-year
    2. Limited to 300 recipients
    3. 8 Test Campaigns
    4. Targeting Recipients within 1 domain
    5. Up to 5 admin users
    6. Billed Annually
Unlimited Package (Small Health Care)
- For 12 months

    The most comprehensive package for organizations implementing regular simulated phishing campaigns against their end users.

    1. Up to 10 Phishing Campaigns per-day
    2. Limited to 300 recipients
    3. 2 test campaigns per-day
    4. Targeting recipients within up to 3 domains
    5. Up to 10 admin users
    6. Billed Annually
To subscribe to the unlimited plan, contact us for exclusive package for your needs
Want to try our phishing simulator out for free? Sign up for a trial subscription here, no sales conversation necessary!

Frequently Asked Questions

  • Which Browsers are supported?

    We officially support Microsoft Edge Browser with our Phishing Simulation Platform. Other browsers may work, but we do not exclusively test/support them. Your experience building phishing simulation templates may differ from browser to browser, but the experience presented on Microsoft Edge is the intended user experience.

  • If I upgrade to higher plan at any point, will I lose the money I spent on my original plan?

    The invoice for the upgrade will automatically adjusted the price to account for the unused months of your previous plan, and you will simply pay the difference between the two when upgrading.

  • Can I edit a recipient list after a campaign is targetted to it?

    You may edit a recipient list at any time, however, only the members present in the recipient pool will be at the campaign's scheduled start time will be included in the campaign.

  • Can I edit a campaign once it has started?

    You may only edit campaigns which have not reached their scheduled start date. After this time, you will be unable to make any changes. In addition, this will use one of your available campaigns.

  • I'm not recieving campaign completion notices

    Campaign completion notices are sent out every hour for any completed campaigns within the last hour. If you haven't received notice within an hour of campaign completion, please inform our support team.

  • Are any discounts available?

    Yes!  Our network of affiliates can offer you their discount code, which will grant you a % off the package price.  For custom pricing/packaging, please contact our sales team.

  • Are phishing simulations required by HIPAA?

    Phishing simulations are not explicitly required under the HIPAA Security Rule. However, they are widely recognized (and recommended) as a reasonable and effective method to support compliance with the Security Rule’s requirement for ongoing security awareness and training of workforce members.

    According to the HIPAA Security Rule, specifically the Administrative Safeguards provision at 45 CFR § 164.308(a)(5), covered entities and business associates must:

    “Implement a security awareness and training program for all members of its workforce (including management).”
    Source: HHS.gov – HIPAA Security Rule Summary

    The rule outlines key training elements, which may include:

    • Security reminders
    • Protection from malicious software
    • Log-in monitoring
    • Password management

    These are not exhaustive, and the regulation intentionally allows flexibility so entities can tailor their programs to address reasonably anticipated threats to electronic protected health information (ePHI), as further outlined in the Security Management Process at 45 CFR § 164.308(a)(1).

    Phishing simulations can serve as a practical implementation of these security awareness components by educating staff to recognize and respond appropriately to phishing and other social engineering attacks—one of the most common and damaging cybersecurity threats in health care.

    In summary, while not mandatory, phishing simulations are considered a recommended best practice for demonstrating proactive compliance and improving organizational resilience against cyber threats.

    For full guidance, see the HHS OCR Security Rule Guidance.

Coming Soon

Feature 1

Report Phishing Extension for Outlook

Track exceptional behavior above and beyond standard "safe behavior" of ignoring phishing emails by allowing your users to report phishing emails.

Feature 1

Enhanced Alerting Capabilities

Presenting you with additional preferences surrounding opting in or out of various system emails which occur when certain events are triggered. With this update, additional trigger actions are also being introduced, giving an even better alerting experience overall while allowing customization and control.

Feature 1

Recipient Pool Reporting Filter

Filter reports and analytic results to specifically selected recipient pools, giving even more power and flexibility to the way you can set up your organization to track risky users over time.

© 2025 visuaFUSION Systems Solutions . All rights reserved.