Latest Testimonials:

The level of knowledge provided by Clearwater’s consultants was outstanding; their willingness to go the extra mile to help us complete our project successfully, and for the amazing amount of knowledge they shared with all our teams and our executive management (info was also skillfully delivered and explained in such a way that made it easy for all level of management to understand).

-Project Manager for a large pharmaceutical company for which Clearwater conducted a number of services

I just passed my HCISPP certification exam! And I have to thank Clearwater Compliance for the great preparation for the exam I received by participating in two of their educational events:

• The three-day (ISC)²® HCISPP℠ CBK® Training Seminar hosted and taught by Clearwater was very helpful in preparing me for the exam and the flash cards and exercises were great tools for study; and
• The Clearwater Information Risk Management BootCamp™ provided more in depth risk management education than even the HCISPP course. And, it helped me connect the dots between information privacy and security and overall risk management. The exam included several questions about risk management that weren’t covered in the HCISPP Training Seminar. By attending this intensive one-day course after the first one, it helped me more than anything I did to prepare for the exam.

It is a difficult exam, even with my on-the-job experience. I’m so glad I was able to do both! I feel much more equipped to provide informed guidance to my company’s information privacy and security compliance and risk management programs now!

-Bethany Moss, Quality Assurance Compliance Administrator, CareHere LLC.

After attending the Clearwater HIPAA Compliance BootCamp, I had the pleasure of meeting Bob Chaput and team. Having been impressed by both the content and delivery, I asked Bob to become engaged in our field enablement programs. Bob and team helped us customize and build an industry-focused BootCamp for our sales teams. The training and ongoing support to our teams has been both impactful and instrumental in enabling the field from the ground up. As a result, the Clearwater BootCamp has become an integral part of our healthcare team’s on-boarding process. I would highly recommend any Clearwater Compliance training program to anyone looking to enhance their knowledge of the complex issues surrounding government and regulatory issues in Healthcare.


-Jenn Artura, Vertical Sales Enablement Leader, Symantec


CareSource engaged Clearwater Compliance to perform HIPAA-HITECH Privacy, Breach Notification and Security Rule compliance assessments following an intensive RFP and decision-making process. We chose Clearwater based on the following characteristics:

  • A demonstrated understanding of HIPAA-HITECH regulations
  • Well thought-out and easy to understand assessment tools and processes
  • Clearwater’s ability to engage was immediate, with well-planned milestones that minimized the impact on CareSource’s resources
  • Reasonable fees for the work to be performed
  • Clearwater’s commitment to help us become self-sufficient by providing software and methodology training was unique

 From start to finish the engagement was managed smoothly and professionally

 The principals, Jason Riddle and Wes Morris, were knowledgeable, skilled, and personable communicators; effective in engaging the WorkShop participants to discover and address our needs and educate us along the way. The software as a service directly addressed each identified gap, and provided a clear remediation plan; along with a final report that broke down the tasks we needed to accomplish in an effective way.Clearwater’s support didn’t end with a final report. We requested and received assistance and interpretation since the primary work finished, and the principals have been responsive and helpful.

Clearwater’s software is intuitive and easy to use as a means to guide our ongoing efforts, as well as maintain and report our compliance status.The tool is very simple to use and the reports helpful and easy to generate.

-Mary Eileen Lechleitner – Privacy Specialist


We are a BA insurance agency serving CE dentists. We are working our way through your well-crafted privacy, security, breach response policies and procedures. I am signed up for your virtual BootCamp in November.

The Clearwater Compliance policies and procedures are at once priceless and difficult. We are a two-person agency and compliance with best practices is a long arduous journey – but thanks to professionals like you, a doable journey.

–Frank L. Thomas-Mears, President, Multiple Risk Managers

Clearwater Compliance (CC) was engaged to provide Costco Wholesale Corporation (CWC) a HIPAA / HITECH assessment for our healthcare centers after prolonged due diligence.

CWC held onsite interviews with several companies numerous times including very large consulting firms. These interviews were conducted by senior IS Executives, IS Compliance, IS Information Security, Corporate Legal, Senior executives and directors of the healthcare centers. This was an exhaustive search for the right fit for CWC’s need to understand the OCR protocol, where we currently were and to create a roadmap for remediation, if needed.

Clearwater Compliance was chosen primarily because of the following reasons.

  • A deep understanding of HIPAA and HITECH and Clearwater principals had many years of experience in the Healthcare sector, in leadership roles.
  • Assessment tools were in place, vetted by numerous customers
  • Professional demeanor and knowledgeable responses when asked questions. (As opposed to the glad handed sales people, who knew very little)
  • Ability to engage in a timely manner
  • Fees for engagement were reasonable based on our needs
  • CC was able to provide on ground assets in multiple locations throughout the US concurrently
  • Provided a roadmap and ability to track each gap as they were addressed

Clearwater met and in most cases exceeded our expectations and has been awarded additional contracts because of their expertise and performance.

-Submitted by Marshall Maring, CIPP/US, HIPAA Privacy Program Manager, Costco Wholesale, Retired July 2013

I am happy to positively endorse Clearwater Compliance. They have done an excellent job for us with their audit of our privacy, security and breach readiness to comply with HIPAA, HITECH and the new Omnibus changes which go into effect this next month.

Bob and Mary Chaput conducted our audit themselves and we had a very productive and informative two day audit session. We have also engaged them to do a security risk assessment, which is scheduled for the first quarter of 2014 (we wanted to put their preliminary audit recommendations into place before we ran this audit). They are very specific, very clear, very thorough and very knowledgeable. Their style is structured, but friendly and easy. We consider them friends now that we have spent so much time with them both in prep for our audit, in the actual audit and in follow up since the audit.

Their audit report was well written and provided us with many areas of improvement and recommendations to follow up on. We created our own internal Corrective Action Plan project team (consisting of compliance, IT and operations staff) to follow up on their recommendations. We believe we will be much more compliant/effective with privacy, security and breach regulations once we have implemented their recommendations.

We find their audit tool/software to be easy to use and intuitive. We are just now updating our status on a number of items to see our new “score” using their tool.

We also feel we are very conversant in the regs and expectations surrounding privacy, security and breaches. There are at least four other local health plans similar to ours in CA who have or are using Clearwater Compliance. They have all spoken highly of their experience with Clearwater Compliance.

Finally, let me note that their pricing seems very reasonable to us – both for the value we directly received and in comparison to fees we have/do pay other consultants who support our health plan.

-Eric Bergen, Sr. Director – Quality Improvement & Compliance, Alameda Alliance for Health

The two principals of Clearwater Compliance, Bob and Mary Chaput, were both executive leaders at Healthways previously – Bob as EVP & CIO and Mary as EVP & CFO. Core to their respective duties and responsibilities while at Healthways was risk management, including a significant emphasis on HIPAA security and privacy. During the stretch of a decade with the company they led the design, development, implementation and management of the enterprise compliance program. The approach, tools and processes developed for Healthways now serve as the basis of the platform for Clearwater Compliance.

Just to give you a sense of the magnitude of their work at Healthways, the compliance program protected the PHI for more than 40 million Americans annually. In addition, the effectiveness of the program performance was tested readily each year through audits administered by our large customers, composed of government (e.g., CMS), national/regional health plans and Fortune 500 employers. We have had no violations or investigations under this program. Moving forward we intend to continue to stay abreast and compliant through the excellent HIPAA Privacy, Security and Breach Notification WorkShop™ offerings that Clearwater Compliance delivers.

Bob and Mary Chaput are people of high integrity, impeccable work ethic and are very passionate about the business they are leading and the value they are creating. They will treat your risks and opportunities as if they were their own. I hope my note does justice to begin to explain how fortunate you would be to do business with Clearwater Compliance.

-Ben Leedle, Jr. | CEO | Healthways, Inc. | (NASDAQ: HWAY)

Health Plan of San Joaquin began its relationship with Clearwater Compliance when we were randomly selected by OCR as one of the first in the nation covered entities to be audited.  Bob and his expert team made us feel like we were their priority in those stressful weeks before and during the audit.  That’s why we continue to place our confidence in Clearwater Compliance to assist with the testing of our systems and processes.

-Dawn Goodman, Privacy and Security Officer, Health Plan of San Joaquin

We choose Clearwater because they are a front runner in consulting and assisting with this area. And, they also have developed Risk Analysis software to help you meet the Meaningful Use criteria and qualify for incentives. They may be listed as a consulting group, but they will also train and adjust to whatever is needed based upon your in-house expertise. The other top vendors were mainly consultants, they will come in and assess/audit our facility, give recommendations and leave, and if we need them again we will need to pay another fee. Clearwater offered the same type of consulting but also offered to sell us the software tool and train us on the application and uses of it. This way we may preform audits and assessments at any time.

We felt that we had the expertise in-house to understand and conduct assessments and audits after being shown the demo of the software. This software and training is within the compliance listed by the statutorily obligated to comply with the law as a result of Health Information Technology for Economic and Clinical Health (HITECH) Act, which was enacted as part of the American Recovery and Reinvestment Act (ARRA) of 2009.

– Wayne Richmond, Data Security Officer, Princeton Community Hospital

I have enjoyed participating in several HIPAA/HITECH webinars hosted by Bob Chaput with Clearwater Compliance, LLC.

The Webinars have been extremely professional and very specific in regards to assisting organizations meet the various applicable HIPAA Privacy and Security regulatory compliance requirements. After each webinar, I have been extremely impressed that Bob has personally followed up with me to see if the webinar was helpful, met my needs, and if I had any follow up questions or suggestions. Bob is very professional, polite, very customer focused, takes pride in the work, expertise and reputation of his organization!

– Robin Redford, Enterprise HIPAA Application Auditor”

“Your content and skill sets are extremely valuable in this needed segment.”

Bob Chaput is an excellent corporate expert in the areas of healthcare IT risk auditing, privacy and compliance for HIPAA and HITECH. He and his company’s presentations have greatly aided me in having additional resources for healthcare compliance to refer interested parties to for insight.
I appreciate and would recommend him to any and all seeking assistance in the rapidly changing healthcare compliance.

– Valdez Ladd C., Technical Support Engineer II. Information Security Adviser

Mr. Chaput’s webinars regarding HIPAA and HITECH compliance in the health-care industry have proven very helpful in helping me guide the hospital I contract for through the muddy waters of creating an information security program. With his website,, I have found many valuable resources that have helped get our hospital where it is today, fully compliant to the HIPAA security rule and HITECH.

– David Auge, Project Manager

“I think that while HIPAA may seem extremely intimidating at first glance, this program does an “excellent” job in providing the necessary education, warning, and action plan for both an individual and organization to immediately begin remediating their inter uses regarding PHI.”

“About HIPAA – Thank you for the rare combination of timely, authoritative, and practical advice.
(Also: Clearwater Compliance presents excellent content in its webinars. I have found them to be accurate and practical…a great mix!)”

– – Ruth Carr, J.D., LL.M.,Attorney and (Ret.) State HIT Coordinator,Atlanta, GA

“Being a small company, we have never truly done any seminars or training other than Q&A at office meetings. So in my quest to gain knowledge with limited to no funds for education, I came across your website, which has truly been a blessing.”

– – Heather Preble,CMT Duininck Chiropractic, PA

 “I have completed all sections of the “Clearwater Security Assessment” tool without any difficulty. I’ve found the program to be very easy to understand and extremely well organized, with excellent documentation (references to the original law).”

– – Robert Wolfson, MD, MSHA, Wolfson Consulting, Inc.

 “It was fantastic! I have never had such a turn out for an ISM lecture before… You pulled them in. And, once you had them, you really did a fabulous job! It was very basic, thorough, punchy, etc. You are a joy to listen to. You are a natural teacher, and I am thrilled I finally got to use your considerable talents in the classroom.”

– Karen Wieckert, Ph.D.,Belmont University

“I have participated in several educational programs sponsored by Clearwater Compliance. Most recently, I have participated in two HIPAA HITECH Blue Ribbon Panel webinars concerning HIPAA compliance. I can’t thank you enough for allowing the HIPAA community to participate in these webinars free of charge. I work for a state agency and have no budget for training, and it’s a godsend to have high quality training available from experts in the HIPAA field. Thank you so much for your willingness to support HIPAA education.”

– Peg Tanner | Chief Privacy Officer, Office of the General Counsel State of Illinois

“Clearwater Compliance did a great job at helping us understand our needs and developed a plan to align our policies and procedures with the HIPAA-HITECH requirements. Their Policies and Procedures Toolkit was a great frame of reference and provided high quality templates that aided creating our own policies to reach our compliance objectives.”

– Scott Barnhill | Director, Information Technology & Security, ADP® AdvancedMD | Time to Practice

“The Clearwater Compliance and websites have been a critical source of information for my HIPAA compliance efforts over many years. As a small EMS-providing fire department, we don’t have a lot of time or money to spend figuring out the law and how it applies to us. The information format is easy to read and understand, and it gets to the point. Clearwater Compliance obviously cares about helping us keep out of trouble!”

– Tim Moser | Assistant Fire Chief,Shawnee Township Fire Department