Read some of the latest news about Clearwater Compliance, along with articles that our subject matter experts have contributed to.

Clearwater is featured in Consulting Magazine’s 2017 Fastest Growing Firms

November 14th, 2017|0 Comments

Consulting magazine’s November issue highlighting Clearwater as a fastest growing firm in America –

  • TechNation

Cybersecurity: What Every HTM Pro Should Know

November 1st, 2017|0 Comments

Bob Chaput, CISSP, HCISPP, CRISC, CIPP/US, CEO of Clearwater Compliance LLC in Nashville, Tennessee suggests that guarding against cyber threats requires inter-department cooperation –

  • Talk Business & Politics

Arkansas Hospital Association member hospitals partner with leading healthcare cybersecurity firm

October 20th, 2017|0 Comments

After reassessing the repercussions of recent data breaches and cybersecurity vulnerabilities, the Arkansas Hospital Association (AHA) has partnered with Clearwater Compliance to provide services to its 101 member institutions –

  • Health Data Management

Why more providers are relying on the NIST Cybersecurity Framework

October 4th, 2017|0 Comments

Healthcare organizations are just beginning to understand the importance of adopting a cybersecurity framework as part of their overall information risk management program –

OCR guidance should shape your risk management program

September 12th, 2017|0 Comments

Controls-based “checklists” and dubious certifications will not adequately protect a healthcare organization’s sensitive digital assets –

  • Healthcare Info Security

FDA Issues Medical Device Secure Data Exchange Guidance

September 7th, 2017|0 Comments

‘Recommendations for Smart, Safe and Secure Interactions’ –

It’s time for an attitude adjustment

September 5th, 2017|0 Comments

It is natural, given their business of treating the sick, for those in the healthcare industry to be reluctant to describe the threat to patient information security and the possible danger to the welfare of a patient as “war” –

  • Career Info Security

Winning C-Suite Support for Cybersecurity Funding

September 1st, 2017|0 Comments

A CFO Shares Practical Insights on Gaining Necessary Funding –

Essential elements for a hacker-proof healthcare cybersecurity strategy

August 24th, 2017|0 Comments

Declaring a strategic objective, naming a CISO, maintaining a separate budget, board involvement and strict vendor scrutiny are just a few crucial points, cybersecurity experts say –

  • SecureWorks

Fireside Chat with Clearwater Compliance’s Mary Chaput

August 22nd, 2017|0 Comments

How healthcare organizations can overcome common cybersecurity roadblocks –


Mature information risk management programs

August 21st, 2017|0 Comments

Chief Audit Executives do not need to be reminded that data breaches are increasing in scope and severity every month –


  • Health Data Management

HIT Think – New approach needed to protect health data

August 18th, 2017|0 Comments

HIPAA regulations—and the mindset they have inspired for information security—can no longer be the standard on which a healthcare information security program is built –


Inc. 5000 list: 52 Nashville companies among fastest growing

August 16th, 2017|0 Comments

More than 50 Nashville-area companies earned a prestigious ranking on the Inc. 5000 list featuring fast growth –


  • Healthcare Info Security

Applying the ‘Doctrine of Maneuver Warfare’ to the Execution of a Cybersecurity Action Plan

August 9th, 2017|0 Comments

Our healthcare system is under attack by malicious interlopers who wish to inflict financial and reputational damage for their own gain –

Ransomware 2.0: It’s coming, and healthcare needs to get prepared

August 8th, 2017|0 Comments

The latest variation on a theme regarding this threat is what can appropriately be called a ransomworm,” said Rich Curtiss, managing consultant at Clearwater Compliance, a former hospital CIO, and liaison for cybersecurity vulnerability projects with the National Cybersecurity Center of Excellence –


How knowing the difference between Petya and NotPetya can help security pros block malware

July 25th, 2017|0 Comments

The latest ‘ransomworm’ attack is not over and, in fact, is already causing permanent damage –


  • Healthcare Info Security

UK Beefs Up Hospital Cybersecurity Funding

July 19th, 2017|0 Comments

Mary Chaput, CFO and compliance officer at cybersecurity consulting firm Clearwater Compliance, says attempts to recoup HITECH incentive payments already made to healthcare entities won’t be good for cybersecurity –


  • Executive Biz

Clearwater Compliance Joins NIST-Led Cybersecurity Partnership

July 12th, 2017|0 Comments

Clearwater Compliance has become a member of a public-private cybersecurity collaboration within the National Institute of Standards and Technology‘s National Cybersecurity Center of Excellence –


Preparing for the next change in healthcare information security

July 11th, 2017|0 Comments

HIPAA Regulation was created for the purpose of setting a baseline standard for the security and privacy of patient data. The standard was set for the environment that existed at that time –


NotPetya Is NotRansomware – A uniquely disguised and damaging attack

July 6th, 2017|0 Comments

The latest world-wide cyber event was touted as another Ransomware attack of the WannaCry variant. To reorient, WannaCry is a malware package in the Ransomware category –


C-suite needs education, governance and good teams to navigate changing healthcare risk environment

June 30th, 2017|0 Comments

C-suite needs education, governance and good teams to navigate changing healthcare risk environment – Article By Bill Siwicki Originally Published on

  • Healthcare Info Security

Sizing Up NotPetya’s Impact in US Healthcare Sector

June 30th, 2017|0 Comments

Like in the recent WannaCry attacks, the U.S. healthcare sector has so far mostly avoided becoming a victim of NotPetya, the malware menacing organizations across the globe –


  • Renal and Urology News

Risk Analyses Must Include All Electronic PHI

June 21st, 2017|0 Comments

Bob Chaput, founder and CEO of Clearwater Compliance, LLC, of Nashville, Tennessee, said ePHI breaches were involved in about three-quarters of all OCR corrective action cases to date  –


107+ cybersecurity companies in healthcare | 2017

June 15th, 2017|0 Comments

Healthcare organizations across the globe are more susceptible than ever to hacks and data breaches, which can cost a hospital or health system millions to fix and damage their reputation –


  • Cybersecurity and Healthcare Banking

Cybersecurity and Healthcare Banking

June 6th, 2017|0 Comments

In 2017 the industry most targeted by cybercriminals will be healthcare – Download White Paper


Medical devices, patient safety and cybersecurity

June 2nd, 2017|0 Comments

The recent Ransomware event has focused attention on the fragile state of information systems across the globe –

Popularity contest: Survey reveals Nashville’s most-likable CEOs

May 31st, 2017|0 Comments

Nashville is home to several likable CEOs, and now they’ve been ranked –

5 recent vendor contracts go-live

May 26th, 2017|0 Comments

Georgia Hospital Health Services, a Georgia Hospital Association subsidiary, on May 23 named Clearwater Compliance its recommended cybersecurity provider for all hospitals in the state –

(eBook) All In: Embracing Cybersecurity Across the Healthcare Enterprise

May 26th, 2017|0 Comments

By committing to sharing resources with each other, the health sector can grow to be a model sector for cybersecurity –

Georgia Hospital Association Gives Clearwater Compliance Exclusive Cybersecurity Endorsement

May 24th, 2017|0 Comments

Georgia Hospital Health Services, a Georgia Hospital Association subsidiary, on May 23 named Clearwater Compliance its recommended cybersecurity provider for all hospitals in the state. –

Georgia Hospital Association Taps Clearwater to Bolster Cybersecurity

May 23rd, 2017|0 Comments

Officials said the goal is to provide each of the state’s 170 hospitals with the necessary cyber tools to prevent breaches –

  • PHI Protection Network

Addressing Today’s Evolving Threats to Hospitals and Health Systems

May 16th, 2017|0 Comments

Mary Chaput, CFO Clearwater Compliance, is one of the country’s foremost experts on compliance with PHI privacy and security regulations. Her insights are widely featured in healthcare publications. – PHI Protection Network Blog

  • Health Data Management

NIST offers guidance for securing wireless infusion pumps

May 10th, 2017|0 Comments

The National Institute of Standards and Technology has issued new guidance on securing wireless infusion pumps in hopes of hardening the devices against cyber attacks –

  • Health IT Security

Medical Device Security Focus in Recent NCCoE Collaboration

May 9th, 2017|0 Comments

Clearwater Compliance CEO Bob Chaput stated in an email that wireless IV medical infusion pump security will be improved with letting NCCoE more effectively understand the hospital CIO culture and how to effectively communicate and apply best practices to this audience –

  • Healthcare Finance

Cyberinsurance options a ‘Wild West’ for healthcare organizations

May 9th, 2017|0 Comments

It is wild wild west out there when it comes to cyberinsurance,” said Mary Chaput, CFO of Clearwater Compliance, a healthcare cybersecurity consulting firm –

  • Cybersecurity Warfare

‘Warfare mindset’ that draws battle lines between systems, hackers, key to justifying cybersecurity investment, experts say

April 28th, 2017|0 Comments

Usual standard by which investments are judged does not lend itself favorably to cybersecurity; new mindset needed, authors write. –

  • Healthcare Info Security

Why Focusing Too Much on Today’s Cyber Threats Is a Bad Idea

April 27th, 2017|0 Comments

Healthcare organizations must take a long view in their security risk management programs rather than focus on the “cyberthreat du jour,” says security expert Bob Chaput – Healthcare Info Security

  • ahia

HIPAA Risk Analysis: OCR-Quality Audits | Another opportunity to provide assurance to leadership

March 22nd, 2017|0 Comments

Clearwater’s CEO & CFO, Bob & Mary Chaput co-authored the recently published, feature article in the Journal of the Association of Healthcare Internal Auditors.   

Operationalizing Cybersecurity in Healthcare Organizations

February 24th, 2017|0 Comments

Clearwater’s CEO, Bob Chaput, in collaboration with David Finn, Health IT Officer at Symantec, and HiMMS Analytics have just released an EBOOK discussing the recent findings of the 2017 IT Security & Risk Management Study.

  • HIMSS 17

What’s missing in the cybersecurity dialogue?

February 22nd, 2017|0 Comments

Bob Chaput, CEO of Clearwater Compliance, shares his vision for taking a strategic, business-oriented approach to cybersecurity.

  • hfma

Call for State Privacy Laws to Align with HIPAA

February 13th, 2017|0 Comments

In December 2016, the National Governors Association (NGA) released a report calling for improvements in the exchange of clinical information among healthcare providers in different states. Current conflicting and restrictive state laws, in addition to market barriers, have resulted in incomplete or delayed diagnosis and/or treatment for patients.

  • Intel Cybersecurity Providers

Intel Unveils Security Readiness Program to Help Prevent Cybercrime in Health Care

February 8th, 2017|0 Comments

Intel has teamed up with over 40 solution providers to create the Healthcare Security Readiness Program, aimed at helping to prevent breaches, including cybercrime hacking and ransomware. Nearly 90 percent of health care organizations – often seen as vulnerable targets lagging in security compared with peers in other industries, such as financial services – have experienced a breach in the past two years.

  • Wall Street Journal Cybersecurity

Health Care Risk Underlined By Insider Threat Finding

January 11th, 2017|0 Comments

Bob Chaput, founder of Clearwater Compliance, which aims to help secure hospital technology, said the industry has prioritized compliance, but undervalues security. The 1996 Health Insurance Portability and Accountability Act, for instance, set a baseline standard for protecting patient privacy, and the 2009 Health Information Technology for Economic and Clinical Health Act set new standards for record digitization.

Download The Wall Street Journal’s WSJ PRO Cybersecurity Newsletter.

Building a Business Case for Cybersecurity Investments

December 5th, 2016|0 Comments

Clearwater Compliance, CEO, Bob Chaput shares insights on the ever-increasing number of threats to healthcare information and how conducting a bona fide risk assessment is a first step in building a business case.

Download the December issue of Compliance Today Magazine.

  • Cybersecurity 500

Clearwater Compliance is featured 11th on the Cybersecurity 500 List

December 2nd, 2016|0 Comments

Clearwater Compliance, a leading cybersecurity firm founded and operated by C-Suite health care executives, is No. 11 on the Cybersecurity 500 and poised for continued growth over the next several years

Read the full article at Cybersecurity Ventures.

Hospitals sorely lack cybersecurity workforce, need staff-wide engagement, experts say

December 1st, 2016|0 Comments

Bob Chaput, CEO of healthcare cybersecurity firm Clearwater Compliance, agreed that healthcare is playing a serious game of catch-up when it comes to both the adoption and implementation of information technology, as well as information security.

Read the full article at Healthcare Finance.

  • MedCity News

‘Cybersecurity has become a full-time job’ in healthcare

November 28th, 2016|0 Comments


If 2015 was supposed to be the “year of the hack” in healthcare, cybercriminals really were just getting started. This year we have seen the rise of ransomware targeting healthcare organizations, plus continued phishing attacks and even some good, old-fashioned laptop theft.

Read the full article at MedCity News.

Hospitals lack staff needed to combat cyber attacks

November 21st, 2016|0 Comments

Healthcare is the most cyber-attacked industry, and it needs to hire up.

The cybersecurity workforce shortage — which has 1 million job openings in 2016, and is projected to reach 1.5 million by 2019 — is especially acute at hospitals and healthcare providers, according to one industry expert.

You can view the release at CSO

Clearwater Compliance adds senior VP

November 21st, 2016|0 Comments

Industry pro to lead hospital cybersecurity company’s brand strategy, marketing efforts.

Nashville-based hospital cybersecurity and compliance solutions company Clearwater Compliance has named Barry Mathis as senior vice president and chief business development officer.

You can view the release at Nashville Post

6 recent RCM hires

November 17th, 2016|0 Comments

Clearwater Compliance, a provider of hospital cybersecurity and compliance solutions, added to its leadership team by naming Barry Mathis as senior vice president and chief business development officer.

You can view the release at Becker’s Hospital CFO

Privacy and Security Forum Boston: What to expect

November 16th, 2016|0 Comments

Experts will convene at the HIMSS and Healthcare IT News event to discuss best practices for cybersecurity, fending off attackers, sharing threat intelligence, learning from the dark web, grappling with budget realities and more.

You can view the release at Healthcare IT News

The Importance of Improving Medical Device Security

November 14th, 2016|0 Comments

Enhancing medical device security requires collaboration

Sociologists call it “the diminishing returns of complexity.” It’s the point where a major innovation (like the wireless IV medication infusion pump) begins to have some drawbacks – like the possibility that these devices can be hacked in a way that can lead to life-threatening complications.

You can read the article at Health System Management

Trump’s Impact on Health Data Privacy, Security

November 10th, 2016|0 Comments

Experts Weigh In on Short-Term, Long-Term Implications of Election

The transition to a Donald Trump administration likely won’t have a significant immediate impact on HIPAA enforcement or other healthcare privacy and security regulatory activity – but it could over the long haul. That’s the consensus of CISOs, CIOs and other privacy and security experts who offered reactions to Trump’s surprise victory in the Nov. 8 election.

You can view the article at Healthcare Info Security.

Clearwater American Hospital Association Exclusive Endorsement

November 6th, 2016|0 Comments

Learn how the AHA rigorously completed your due diligence for you and granted Clearwater Compliance its exclusive endorsement for all of Clearwater’s Software and Professional Services!


Healthcare Industry Is The Bullseye For Hackers In 2017

October 31st, 2016|0 Comments

Ransomware is on the rise at hospitals in the U.S. and globally.

“Healthcare is the most cyber attacked industry according to the 2016 IBM X-Force Cyber Security Intelligence Index. In the same report just a year ago — when financial services held the top spot — healthcare wasn’t even in the top six.

Attacks on the healthcare sector are up 35 percent year to date vs. this time last year, Cybersecurity Ventures found in its recent 2016 Cybercrime Report.”

You can view the article at CSO

Clearwater Introduces Managed Solution To Help CIOs and CISOs

October 28th, 2016|0 Comments

The American Hospital Association is talking about Clearwater’s New Cyber Risk Services Solution

“Due to the constantly evolving threats to information security, hospital leaders today need a comprehensive, cost-effective approach to safeguard a hospital’s data, systems and reputation, and we are pleased to endorse Clearwater’s latest solution so hospitals can continue their proactive efforts around cybersecurity.”

You can view the article at Healthcare Risk Management Review News

Solution to Help Hospitals Manage Evolving Cybersecurity Risks Announced

October 26th, 2016|0 Comments

With cybersecurity breaches on the rise, hospitals rush to find solutions to secure their systems as effectively as possible.

Clearwater Compliance, a leading provider of healthcare compliance and information risk management (IRM) services has announced the availability of Cyber Risk Services™ (CRS™), a new managed solution endorsed by the American Hospital Association and designed to help CIOs and CISOs achieve rapid visibility and advancement in the information security compliance and risk management posture of healthcare organizations.

The highly visible and significant public attention to ransomware attacks in healthcare has accelerated a top-down cyber risk governance process and board-level involvement. While hospital boards […]

Clearwater unveils cybersecurity service to fight ransomware and other incidents

October 20th, 2016|0 Comments

The intent is to help healthcare CIO and CISOs improve IT compliance and risk management posture, as well as information resource management.

Clearwater Compliance, a provider of healthcare compliance and information risk management services, released Cyber Risk Services, an information and cybersecurity program endorsed by the American Hospital Association, the company is set to announce shortly.

Launched in response to the increase in ransomware attacks, the program is designed to help CIOs and CISOs improve information security compliance and risk management posture within their organizations.

And when an incident occurs, CRS will provide onsite support within two business days, in case of an […]

OCR getting tougher about information security

October 12th, 2016|0 Comments

In the healthcare field, the word “audit” is about as welcome as the word “Zika.” But it’s inevitable that there will be more audits this year, in addition to investigations, related to information security shortcomings.That’s because the Office for Civil Rights (OCR) has moved from the concept of performance audits in 2012, focused on efforts to comply, to compliance audits in 2017, focused on evidence of practice. And this year and beyond, an audit can result in a full-blown OCR investigation based on the severity of identified weaknesses or gaps.

What happened? Last September, the Office of the Inspector General issued […]

  • The Compliance and Ethics Blog

The Threat is Real: A Recommended Approach to Cybersecurity and Patient Safety

October 10th, 2016|0 Comments

Information security and cyber risk management has become an essential component of ensuring patient safety. Concurrently, the threat environment for healthcare organizations has significantly changed and expanded. The net effect of these developments is that traditional approaches to patient safety and information security may not be aligned with the current threat environment, which can lead to gaps in how patient safety and medical data are protected.In response, healthcare organizations are implementing not only new methods to protect patients and systems, but new models for their patient safety, information security, and risk management efforts. One effective model is to implement an […]

A CIO, consultant and infosec vendor nail down cybersecurity best practice lists

October 10th, 2016|0 Comments

Aetna CISO Jim Routh, who previously worked in financial services, offered his advice, as did Bob Chaput, CEO of Clearwater Compliance and Dan Wiley, who heads Check Point Software’s incident response and threat intelligence work.

Read the entire article at Healthcare IT News.

New Ponemon Study Reveals the State of Cybersecurity in Healthcare Organizations in 2016

October 4th, 2016|0 Comments

Healthcare organizations are in the crosshairs of cyber attackers at the rate of one cyber attack per month. This is the key finding of a recent Ponemon study, The State of Cybersecurity in Healthcare Organizations in 2016.

According to the study, healthcare organizations are experiencing an average of 11.4 cyber attacks per year. Further, almost half of the respondents (48 percent) said their organizations have experienced an incident involving the loss or exposure of patient information in the past 12 months.

The increasing frequency of attacks means that many patients are at risk for medical identity theft, and organizations are at […]

Tech Remedies for Regulatory Compliance

October 1st, 2016|0 Comments

“Oftentimes people feel that if you’re compliant, you must be, by definition, secure,” says Bob Chaput, founder and CEO of Clearwater Compliance, a Nashville supplier of compliance and cyber-risk services. “It’s not true. Similarly, you can be very secure but not compliant with certain regulations. So we encourage organizations to think about not only those two risks, which are inextricably linked, but also about other risks with which they’re linked or they may trigger. For example, financial risk or reputational risk, or the risk if you don’t have the ability to attract and retain talented people.”

“There is no such thing […]

Calculating the True Cost of a Healthcare Data Breach

September 27th, 2016|0 Comments

Healthcare data breaches come in all sizes and varieties – from the massive breach of 80 million patient and employee records at insurance giant Anthem to a stolen iPhone containing about 400 unencrypted patient records at Catholic Health Care Services in Philadelphia.

Even “small” breaches can be costly. The Catholic Health breach resulted in a $650,000 regulatory fine and a two-year corrective action plan.

According to the latest Ponemon Institute study, the healthcare field has the highest cost per breached record of any industry: $402. That adds up to $4 million for 10,000 records – about twice the cost of […]

OCR guidance should shape your risk management program

September 20th, 2016|0 Comments

Controls-based “checklists” and dubious certifications will not adequately protect a healthcare organization’s sensitive digital assets. What willwork is a formal Information Risk Management (IRM) program designed to grow more effective and mature over time.

Two documents from the Office for Civil Rights (OCR) reveal what the HIPAA regulatory arm of the federal government believes are appropriate for determining an organization’s level of compliance and information security as required by HIPAA: the Phase 2 Audit Protocol that covers all three HIPAA regulations and OCR’s Final Guidance on Risk Analysis, which is specific to the HIPAA Security Rule and information risk management.

You should […]

Chasing certifications won’t prevent data breaches

August 30th, 2016|0 Comments

In the electronics industry, the UL stamp of approval means that a product has been deemed safe. But in the healthcare field, there isn’t a single certification that ensures that Protected Health Information is safe – or that risks are being properly managed.

Even if such a silver bullet existed, a certification cannot guarantee that your organization will never suffer a data breach, complaint or penalty from the Office for Civil Rights (OCR).

Any healthcare organization that places its trust solely in the payment card industry standard (PCI-DSS), HITRUST or Service Organization Controls 2 (SOC 2) is on shaky ground. That’s because […]

The Right Way to Present a Business Case for Cybersecurity

August 19th, 2016|0 Comments

There’s an ever-increasing number of threats to healthcare information.  Healthcare information is more valuable and visible than ever; and, at the same time, more vulnerable than ever.  You feel responsible and, as the CISO, you are responsible for its security.  Conducting a comprehensive, bona fide risk assessment can be an effective first step in building credibility with the executive team and board and, therefore, in building a business case for cybersecurity investments in your organizations.  In addition to conducting the risk assessment, you should:

  • Find a sponsor on the executive team to use as a sounding board on risk appetite, sufficiency […]

5 game-changing issues in data security

August 19th, 2016|0 Comments

In military history, it’s called “fighting the last war”: addressing yesterday’s threats while today’s go unrecognized.

Many healthcare organizations are doing exactly that by being blind to the newest threats to the Protected Health Information (PHI).

The environment in PHI risk is changing rapidly. In recent years, most data breaches were the result of lost laptops and other employee miscues. Today, intentional attacks have surpassed inadvertent mistakes as the leading cause of PHI incidents. Criminal hacks against healthcare organizations have increased 125 percent since 2010 – and last year were the leading cause of data breaches for the first time.

Read […]

Making the case for comprehensive cyber-risk strategies: 10 startling facts that will spur C-suite action

August 8th, 2016|0 Comments

According to Jim Trainor, deputy assistant director of the FBI Cyber Division, “Major intrusions into healthcare providers’ computer systems now are happening at the pace of two or three a day.”

The largest healthcare data breach to date involved the insurance giant Anthem, in which about 80 million patient records were compromised. The cost of cleaning up the Anthem data breach is likely to exceed its $100 million cyber-liability insurance cap.2 Few healthcare organizations can handle a blow that devastating. Yet most healthcare C-suite leaders haven’t paid close enough attention to the fast-changing environment in data security.

Here’s the problem in a […]

Building Capability and Capacity to Take on Healthcare’s Evolving Security Threats

August 5th, 2016|0 Comments

Traditional approaches to patient safety and healthcare information security will need to evolve to address today’s emerging threats. The current risk environment for hospitals and healthcare organizations is changing quickly and includes a wide spectrum of threats — ranging from traditional intrusions designed to steal protected health information (PHI) to more novel and emerging attacks, such as tampering with medical devices or blocking access to essential records systems. The changing threat environment is blurring the lines between information security and patient safety and is requiring each discipline to expand its scope. Healthcare leaders now must consider what could happen if […]

  • The Compliance and Ethics Blog

It’s All About Risk Management! OCR Release Guidance on Ransomware – “Your Money or Your PHI”

May 13th, 2016|0 Comments

The Office for Civil Rights (“OCR”) released guidance on July 11, 2016 regarding ransomware and HIPAA. This guidance outlines activities supported by HIPAA that will assist Covered Entities and Business Associated in either preventing or quickly responding to ransomware attacks. To illustrate, the guidance calls for:

  • Implementing a security management process, including conducting a risk analysis and mitigating identified risks;
  • Implementing processes and technology to guard against and detect malicious software;
  • Training users on malicious software protection and reporting of malicious software detections with specific emphasis on ransomware;
  • Implementing controls to limit access to ePHI; and
  • Maintaining an overall contingency plan.

The OCR advice identifies how […]

Engineering Compliance and Information Risk Management

May 4th, 2016|0 Comments

In a recent article published by CIOReview, our CEO, Bob Chaput discusses how the cybersecurity industry is changing and what Clearwater can do to help your organization. Read the full article here.

If Ransomware Is the Question, Then Information Risk Management Is the Answer

May 3rd, 2016|0 Comments

Ransomware is malicious software that compromises the availability of critical information.  Unlike other hacking forms, ransomware does not compromise the confidentiality or integrity of the data, nor does it require the hackers to sell the information to a 3rd party in order to benefit from the proceeds.

This article originally appear in the Compliance and Ethics blog. 


Clearwater Compliance Ranks in CIOReview’s Top 20 for Second Year in a Row

April 26th, 2016|0 Comments

Clearwater Compliance, a leading provider of healthcare compliance and cyber risk management solutions, today announced it has earned another spot on the “20 Most Promising Enterprise Security Companies 2016” list by CIOReview Magazine, for the second consecutive year. A technology magazine that focuses on enterprise solutions, CIOReview is a leading source for technology decision makers. […]

More Press

103, 2016

Clearwater Announces the American Hospital Association’s Extended Endorsement of Its Health Information Security Solutions

Clearwater Compliance is proud to continue working with AHA Solutions, a division of Health Forum, the strategic business enterprise of the American Hospital Association (AHA), to provide exclusive resources and trusted solutions to AHA members. Clearwater’s Health Care Information Privacy, Security, Compliance and Risk Management Solutions have earned the exclusive endorsement of the American Hospital Association for the second year running. […]

2502, 2016

Clearwater Compliance, Knowledge Group Present “Harnessing the Power of NIST” Webcast

Clearwater Compliance is proud to team up with the Knowledge Group to offer a webinar entitled “Harnessing the Power of NIST – Your Practical Guide to Effective Cybersecurity.” […]

Published Articles

1411, 2016

The Importance of Improving Medical Device Security

Enhancing medical device security requires collaboration

Sociologists call it “the diminishing returns of complexity.” It’s the point where a major innovation (like the wireless IV medication infusion […]

3110, 2016

Healthcare Industry Is The Bullseye For Hackers In 2017

Ransomware is on the rise at hospitals in the U.S. and globally.

“Healthcare is the most cyber attacked industry according to the 2016 IBM X-Force Cyber Security […]

Contact Us

Our Expertise May Get Us Headlines, But Where It Really Matters Is In Our Work.

Contact us today for more information on how we can help your organization with it's HIPAA compliance and information risk management program.
Contact Us