Bob Chaput, Founder & CEO
Recently, the management at SHIELDS for Families, a community-based, non-profit 501(c)(3) organization was focused at developing, delivering, and evaluating comprehensive service models—that empowers and advocates for high-risk families in South Los Angeles. They faced challenges in responding to a detailed information request list from Optical Character Recognition (OCR) regarding a breach and to establish and declare the organization as a hybrid entity. They also wanted to identify compliance gaps that existed and prioritize a remediation plan. To this need, SHIELDS for Families approached Clearwater Compliance—a service firm specialized in providing healthcare compliance and cyber risk management solutions. Clearwater Compliance worked with the firm and developed content and organized information to reply to OCR’s requests through research and interviews. Through Clearwater’s IRM Analysis software they were able to examine their organizational structure and programs to define hybrid and HIPAA/non-HIPAA components. “Clearwater helped us fine-tune our policies and procedures, and to conduct a risk analysis to ensure other vulnerabilities would not easily be exploited,” Patrick Coffin, IT Director at SHIELDS for Families.
The threat environment for healthcare organizations has considerably changed with the information security and cyber risk management becoming a crucial component in ensuring patient safety. “In response, healthcare organizations are implementing not only new methods to protect patients and systems, but new models for their patient safety, information security, and risk management efforts,” posits Bob Chaput, Founder and CEO at Clearwater Compliance. “Companies often overlook the foundation of a secure information environment—a comprehensive risk assessment to prevent the mega breach in today’s frenzy world.” The Nashville, TN based firm with its suite of compliance software helps healthcare organizations and their service providers to become and remain compliant with the rigorous HIPAA-HITECH regulations. “The HIPAA regulations when compared with other security regulations insist for basic foundational requirement of implementing a security program,” asserts Chaput.
Companies often overlook
the foundation of a secure
comprehensive risk assessment
to prevent the mega breach in
today’s frenzy world
Clearwater’s Information Risk Management Pro (IRM Pro) suite of software comprises of four modules– IRM Analysis, IRM Security, IRM Privacy, and IRM Capability. This HIPAA software intends to meet the regulatory requirements, minimize security incidents, and data breaches and also assist organizations in avoiding monetary losses. In a nutshell, the software has built-in regulation guidance and interactive reporting/dashboards for multi-location situational awareness. Each of the unique compliance software solutions within IRM Pro suite delivers a mature, repeatable and sustainable process for compliance.
By strictly adopting the HHS/OCR guidance, the IRM Analysis module offers a strategic approach and methodology to help organizations to meet their HIPAA and Meaningful Use requirements.
Furthermore, the IRM Security and IRM Privacy modules are involved in identifying the compliance gaps by having a note of the missing and out dated policies—automatically generating specific remediation paths and strategies. These modules then translate the HIPAA HITECH Security requirements into an Assessment Wizard facilitating the execution of plans. It also provides dashboards reflecting the client’s present status, and serve as a document repository comprising of all the procedures, policies, laws, reports, and accounting for building an well-organized compliance program.
Forging ahead, the company is working on its mission to empower hospitals and health systems to successfully manage their healthcare’s evolving cybersecurity risks ensuring patient safety. Clearwater Compliance, on a progressive note expedites the pace of technological change through its pragmatic solutions; to become the backbone for companies that are looking forward to remain innovative.