Read some of the latest news about Clearwater Compliance, along with articles that our subject matter experts have contributed to.

  • CHiME Healthcare's Most Wired: National Trends 2018

Healthcare’s Most Wired: National Trends 2018

October 31st, 2018|0 Comments

This year’s research and future Most Wired research can help identify gaps in healthcare organizations’ technology adoption and strategies and highlight areas in which the industry has opportunities to make progress. – CHiME Healthcare’s Most Wired

Responding to an OCR breach investigation with an OCR-quality risk analysis

September 28th, 2018|0 Comments

Jon Moore, Clearwater’s SVP of Professional Services, addresses why health organizations continue to struggle to meet OCR’s risk analysis. In the article, Jon walks through steps of a successful OCR-quality risk analysis –

Clearwater releases CyberIntelligence dashboards for Its IRM|Pro Enterprise Cyber Risk Management Platform

July 24th, 2018|0 Comments

Clearwater, a healthcare cyber risk management solutions company, announced the release of CyberIntelligence dashboards, the latest innovation for IRM|Pro, an Enterprise Cyber Risk Management System (ECRMS) for healthcare providers and their partners –

Clearwater ranks #19 on Nashville Business Journal’s top Healthcare IT Companies

July 13th, 2018|0 Comments

This List ranks Nashville-area health care IT companies by number of local-area IT employees.

  • Cyber Thoughts

Security Tools and SaaS

July 3rd, 2018|0 Comments

With between 45 and 65 different security vendors’ tools in the average hospital CISO’s tool box, healthcare providers need to make sure that third-party tools work well together and do not create unwanted complexity or introduce their own vulnerabilities –

Nashville health care firm names new CEO

May 15th, 2018|0 Comments

Steve Cagle will take over as CEO of the health care cyber-risk-management company, according to a news release. Bob Chaput, who founded the company in 2010, is stepping down but will remain with Clearwater as executive chairman –

Clearwater Compliance gets new CEO, CFO

May 15th, 2018|0 Comments

Health care cybersecurity company Clearwater Compliance is bringing on a new leadership duo, with founder and current boss Bob Chaput becoming executive chairman and CFO Mary Chaput transitioning into an advisory role –

  • CISION PR Newswire

Clearwater Compliance Ranks Top Compliance & Risk Management Solution, 2018 Black Book Cybersecurity User Survey

May 14th, 2018|0 Comments

Compliance firms rated by industry client satisfaction and loyalty scores via independent key performance indicators announced –

How Small Breaches Can Cost Millions

May 14th, 2018|0 Comments

Years after HIPAA and HITECH passed, health care organizations are still “woefully noncompliant,” with the measures, said Bob Chaput, founder and CEO of Clearwater Compliance –

  • Healthcare Info Security

(Podcast) Texas Hospital CEOs: Cybersecurity Is No. 1 Worry

May 7th, 2018|0 Comments

At a recent meeting of hospital CEOs in Texas, the leaders said the issue that keeps them awake at night is cybersecurity, says Fernando Martinez of the Texas Hospital Association –

  • Health IT Security

Helping Struggling Hospitals Recover from Ransomware Attacks

May 2nd, 2018|0 Comments

The biggest cybersecurity issue for hospitals is response and recovery from ransomware attacks, observed Fernando Martinez, chief digital officer at the Texas Hospital Association –

  • Modern Healthcare

Need non-emergency medical transportation? These companies are in the driver’s seat

April 28th, 2018|0 Comments

Uber worked with an outside firm, Clearwater Compliance, to make sure its HIPAA policies were up to snuff. “This is about the privacy, security and breach notification rules, and it’s also about patient safety and patient care,” said Bob Chaput, Clearwater’s CEO. “It’s about safeguarding this very personal sensitive information.”

  • Health Data Management

HIT Think – How cyber risk is affecting medical professional liability

April 16th, 2018|0 Comments

As far back as 2013, insurers were warning about the exposure that hospitals and providers had related to medical professional liability from attacks on medical devices and software  –

3 Things That Healthcare Must Understand About Cybersecurity

April 13th, 2018|0 Comments

The cyberthreat landscape for hospitals and other healthcare organizations is changing. Healthcare organizations continue to be the subject of attacks by hackers seeking access to patient data for resale on the black market –

  • Healthcare Info Security

HHS Warns of SamSam Ransomware Attacks

April 12th, 2018|0 Comments

Federal regulators are warning the healthcare sector about ongoing attacks involving SamSam ransomware that have impacted at least eight U.S. organizations so far this year –



Uber Launches Medical Uber Health Service in U.S.

March 27th, 2018|0 Comments

As early as 2016, Uber Health began working with Clearwater Compliance, a provider of industry-leading HIPAA compliance and cyber risk management solutions, to develop the right policies and procedures to ensure that Uber enforces and complies with HIPAA regulations. –



This Nashville company helped Uber become the ‘Uber’ of health care

March 22nd, 2018|0 Comments

When ride-sharing service Uber decided it wanted to get into health care, it had one major roadblock: the Health Insurance Portability and Accountability Act — better known as HIPAA –



  • Uber Health

Introducing Uber Health, Removing Transportation as a Barrier to Care

March 1st, 2018|0 Comments

Uber Health turns to Clearwater Compliance for HIPAA expertise –



Clearwater Compliance becomes SDAHO endorsed business partner

February 23rd, 2018|0 Comments

Clearwater Compliance, a leader in compliance and cyber risk management solutions for hospitals and health care facilities, has been added to the South Dakota Association of Healthcare Organization’s growing list of endorsed business partners. Clearwater will serve the privacy, security, compliance and information/cyber risk management needs of members with their vast array of award-winning SaaS-based software, professional services and educational offerings.

Clearwater Compliance is a Best in KLAS 2018 Cybersecurity Advisory Services category winner. Not only have they received SDAHO’S exclusive endorsement as a security provider, they also have the endorsement of the American Hospital Association and numerous state […]

  • Healthcare Info Security

Lessons From Recent HIPAA Settlements

February 23rd, 2018|0 Comments

Covered entities and business associates can learn many important lessons from recent HIPAA settlements, says privacy attorney Iliana Peters. She recently joined a Washington law practice after serving more than a decade as a HIPAA enforcer at the Department of Health and Human Services’ Office for Civil Rights –


  • Healthcare Info Security

$100,000 Fine in Case Involving Defunct Records Storage Firm

February 14th, 2018|0 Comments

Bob Chaput, CEO of Clearwater Compliance, discusses how BA obligations do not go away when a BA goes out of business or files for bankruptcy. Such coverage helps to position Clearwater as a leading voice of the cyber risk management industry –


  • Polsinelli

OCR Enforcement Lead Iliana Peters Joins Polsinelli’s Washington, D.C. Office

February 7th, 2018|0 Comments

Am Law 100 firm Polsinelli welcomes new Shareholder Iliana L. Peters to its national Health Care Operations practice, expanding the firm’s strong health care presence in Washington, D.C. and across the country –


  • Digital Journal

Partnership Brings Focus on Cyber Security Solutions to Texas Hospitals

February 5th, 2018|0 Comments

The partnership will enable the THA’s member hospitals and health systems to advance cyber risk management best practices and respond more strategically to cyber threats –

  • Houston Business Journal

Partnership Brings Focus on Cyber Security Solutions to Texas Hospitals

February 5th, 2018|0 Comments

The Texas Hospital Association announced its newest partnership with Clearwater Compliance, a top-ranked, award-winning healthcare cyber risk management and regulatory compliance solutions company –

Texas Hospital Association partners with healthcare cyber risk management firm

February 5th, 2018|0 Comments

The Texas Hospital Association is partnering with Clearwater Compliance, a healthcare cyber risk management and regulatory compliance solutions company –

Texas Hospital Association to work with Clearwater Compliance to manage hospital cybersecurity

February 5th, 2018|0 Comments

The Texas Hospital Association, which represents more than 85 percent of the state’s acute-care hospitals and healthcare systems, is partnering with security firm Clearwater Compliance to help bolster those organizations’ cybersecurity –


  • Health Data Management

Cybersecurity Command Center offers real-world security info

January 31st, 2018|0 Comments

The Cybersecurity Command Center, one of the featured exhibits during HIMSS18 in Las Vegas, is intended to provide a real-world grounding in some of the threats facing healthcare organizations, as well as a sampling of the best defenses against cybercrime –

Clearwater Compliance lands top KLAS rank for cybersecurity advisory services

January 30th, 2018|0 Comments

Healthcare cyber risk management and compliance solutions vendor Clearwater Compliance was awarded the top spot in the Cybersecurity Advisory Services category of the “2018 Best in KLAS Awards: Software and Services” report –


  • Health Management Technology

Clearwater Compliance Earns KLAS’ top rating for cybersecurity advisory services

January 30th, 2018|0 Comments

Clearwater Compliance, a provider of healthcare cyber risk management and compliance solutions, announced it has been awarded the prestigious 2018 Best in KLAS designation in the Cybersecurity Advisory Services category in the 2018 Best in KLAS Awards: Software & Services report –

NY firm invests in local health care cyber risk manager

January 24th, 2018|0 Comments

A New York investment firm focused exclusively on health care has taken a stake in Cool Springs-based cybersecurity company Clearwater Compliance.

Clearwater Compliance Announces Investment by Altaris Capital Partners, LLC

January 24th, 2018|0 Comments

The investment will allow Clearwater to further accelerate its already exceptional growth. Last year, Clearwater made the Inc. 5000 list of fastest-growing U.S. private companies and was named one of the country’s fastest-growing firms by Consulting magazine.

  • Louisville Business Journal

Clearwater Compliance Announces Investment by Altaris Capital Partners, LLC

January 24th, 2018|0 Comments

Clearwater Compliance says it has raised capital through an investment from Altaris Capital Partners, LLC. Terms of transaction were not disclosed.

  • Reuters

BRIEF-‍Clearwater Compliance Says Has Raised Capital Through An Investment From Altaris Capital Partners, LLC

January 24th, 2018|0 Comments

Clearwater Compliance says it has raised capital through an investment from Altaris Capital Partners, LLC. Terms of transaction were not disclosed.

Investment in Clearwater Compliance

January 23rd, 2018|0 Comments

Altaris Capital Partners, LLC announces an investment in Clearwater Compliance LLC.

  • captive insurance times

Healthcare Systems are Playing Catch Up when it Comes to Cyber Crime

December 13th, 2017|0 Comments

Playing Catch Up: Healthcare Systems are Playing Catch Up when it Comes to Cyber Crime. Bob Chaput Explains More –

Clearwater is featured in Consulting Magazine’s 2017 Fastest Growing Firms

November 14th, 2017|0 Comments

Consulting magazine’s November issue highlighting Clearwater as a fastest growing firm in America –

  • TechNation

Cybersecurity: What Every HTM Pro Should Know

November 1st, 2017|0 Comments

Bob Chaput, CISSP, HCISPP, CRISC, CIPP/US, CEO of Clearwater Compliance LLC in Nashville, Tennessee suggests that guarding against cyber threats requires inter-department cooperation –

  • Talk Business & Politics

Arkansas Hospital Association member hospitals partner with leading healthcare cybersecurity firm

October 20th, 2017|0 Comments

After reassessing the repercussions of recent data breaches and cybersecurity vulnerabilities, the Arkansas Hospital Association (AHA) has partnered with Clearwater Compliance to provide services to its 101 member institutions –

  • Health Data Management

Why more providers are relying on the NIST Cybersecurity Framework

October 4th, 2017|0 Comments

Healthcare organizations are just beginning to understand the importance of adopting a cybersecurity framework as part of their overall information risk management program –

OCR guidance should shape your risk management program

September 12th, 2017|0 Comments

Controls-based “checklists” and dubious certifications will not adequately protect a healthcare organization’s sensitive digital assets –

  • Healthcare Info Security

FDA Issues Medical Device Secure Data Exchange Guidance

September 7th, 2017|0 Comments

‘Recommendations for Smart, Safe and Secure Interactions’ –

It’s time for an attitude adjustment

September 5th, 2017|0 Comments

It is natural, given their business of treating the sick, for those in the healthcare industry to be reluctant to describe the threat to patient information security and the possible danger to the welfare of a patient as “war” –

  • Career Info Security

Winning C-Suite Support for Cybersecurity Funding

September 1st, 2017|0 Comments

A CFO Shares Practical Insights on Gaining Necessary Funding –

Essential elements for a hacker-proof healthcare cybersecurity strategy

August 24th, 2017|0 Comments

Declaring a strategic objective, naming a CISO, maintaining a separate budget, board involvement and strict vendor scrutiny are just a few crucial points, cybersecurity experts say –

  • SecureWorks

Fireside Chat with Clearwater Compliance’s Mary Chaput

August 22nd, 2017|0 Comments

How healthcare organizations can overcome common cybersecurity roadblocks –


Mature information risk management programs

August 21st, 2017|0 Comments

Chief Audit Executives do not need to be reminded that data breaches are increasing in scope and severity every month –


  • Health Data Management

HIT Think – New approach needed to protect health data

August 18th, 2017|0 Comments

HIPAA regulations—and the mindset they have inspired for information security—can no longer be the standard on which a healthcare information security program is built –


Inc. 5000 list: 52 Nashville companies among fastest growing

August 16th, 2017|0 Comments

More than 50 Nashville-area companies earned a prestigious ranking on the Inc. 5000 list featuring fast growth –


  • Healthcare Info Security

Applying the ‘Doctrine of Maneuver Warfare’ to the Execution of a Cybersecurity Action Plan

August 9th, 2017|0 Comments

Our healthcare system is under attack by malicious interlopers who wish to inflict financial and reputational damage for their own gain –

Ransomware 2.0: It’s coming, and healthcare needs to get prepared

August 8th, 2017|0 Comments

The latest variation on a theme regarding this threat is what can appropriately be called a ransomworm,” said Rich Curtiss, managing consultant at Clearwater Compliance, a former hospital CIO, and liaison for cybersecurity vulnerability projects with the National Cybersecurity Center of Excellence –


How knowing the difference between Petya and NotPetya can help security pros block malware

July 25th, 2017|0 Comments

The latest ‘ransomworm’ attack is not over and, in fact, is already causing permanent damage –


  • Healthcare Info Security

UK Beefs Up Hospital Cybersecurity Funding

July 19th, 2017|0 Comments

Mary Chaput, CFO and compliance officer at cybersecurity consulting firm Clearwater Compliance, says attempts to recoup HITECH incentive payments already made to healthcare entities won’t be good for cybersecurity –


  • Executive Biz

Clearwater Compliance Joins NIST-Led Cybersecurity Partnership

July 12th, 2017|0 Comments

Clearwater Compliance has become a member of a public-private cybersecurity collaboration within the National Institute of Standards and Technology‘s National Cybersecurity Center of Excellence –


Preparing for the next change in healthcare information security

July 11th, 2017|0 Comments

HIPAA Regulation was created for the purpose of setting a baseline standard for the security and privacy of patient data. The standard was set for the environment that existed at that time –


NotPetya Is NotRansomware – A uniquely disguised and damaging attack

July 6th, 2017|0 Comments

The latest world-wide cyber event was touted as another Ransomware attack of the WannaCry variant. To reorient, WannaCry is a malware package in the Ransomware category –


C-suite needs education, governance and good teams to navigate changing healthcare risk environment

June 30th, 2017|0 Comments

C-suite needs education, governance and good teams to navigate changing healthcare risk environment – Article By Bill Siwicki Originally Published on

  • Healthcare Info Security

Sizing Up NotPetya’s Impact in US Healthcare Sector

June 30th, 2017|0 Comments

Like in the recent WannaCry attacks, the U.S. healthcare sector has so far mostly avoided becoming a victim of NotPetya, the malware menacing organizations across the globe –


  • Renal and Urology News

Risk Analyses Must Include All Electronic PHI

June 21st, 2017|0 Comments

Bob Chaput, founder and CEO of Clearwater Compliance, LLC, of Nashville, Tennessee, said ePHI breaches were involved in about three-quarters of all OCR corrective action cases to date  –


107+ cybersecurity companies in healthcare | 2017

June 15th, 2017|0 Comments

Healthcare organizations across the globe are more susceptible than ever to hacks and data breaches, which can cost a hospital or health system millions to fix and damage their reputation –


  • Cybersecurity and Healthcare Banking

Cybersecurity and Healthcare Banking

June 6th, 2017|0 Comments

In 2017 the industry most targeted by cybercriminals will be healthcare – Download White Paper


Medical devices, patient safety and cybersecurity

June 2nd, 2017|0 Comments

The recent Ransomware event has focused attention on the fragile state of information systems across the globe –

Popularity contest: Survey reveals Nashville’s most-likable CEOs

May 31st, 2017|0 Comments

Nashville is home to several likable CEOs, and now they’ve been ranked –

5 recent vendor contracts go-live

May 26th, 2017|0 Comments

Georgia Hospital Health Services, a Georgia Hospital Association subsidiary, on May 23 named Clearwater Compliance its recommended cybersecurity provider for all hospitals in the state –

(eBook) All In: Embracing Cybersecurity Across the Healthcare Enterprise

May 26th, 2017|0 Comments

By committing to sharing resources with each other, the health sector can grow to be a model sector for cybersecurity –

Georgia Hospital Association Gives Clearwater Compliance Exclusive Cybersecurity Endorsement

May 24th, 2017|0 Comments

Georgia Hospital Health Services, a Georgia Hospital Association subsidiary, on May 23 named Clearwater Compliance its recommended cybersecurity provider for all hospitals in the state. –

Georgia Hospital Association Taps Clearwater to Bolster Cybersecurity

May 23rd, 2017|0 Comments

Officials said the goal is to provide each of the state’s 170 hospitals with the necessary cyber tools to prevent breaches –

  • PHI Protection Network

Addressing Today’s Evolving Threats to Hospitals and Health Systems

May 16th, 2017|0 Comments

Mary Chaput, CFO Clearwater Compliance, is one of the country’s foremost experts on compliance with PHI privacy and security regulations. Her insights are widely featured in healthcare publications. – PHI Protection Network Blog

  • Health Data Management

NIST offers guidance for securing wireless infusion pumps

May 10th, 2017|0 Comments

The National Institute of Standards and Technology has issued new guidance on securing wireless infusion pumps in hopes of hardening the devices against cyber attacks –

  • Health IT Security

Medical Device Security Focus in Recent NCCoE Collaboration

May 9th, 2017|0 Comments

Clearwater Compliance CEO Bob Chaput stated in an email that wireless IV medical infusion pump security will be improved with letting NCCoE more effectively understand the hospital CIO culture and how to effectively communicate and apply best practices to this audience –

  • Healthcare Finance

Cyberinsurance options a ‘Wild West’ for healthcare organizations

May 9th, 2017|0 Comments

It is wild wild west out there when it comes to cyberinsurance,” said Mary Chaput, CFO of Clearwater Compliance, a healthcare cybersecurity consulting firm –

  • Cybersecurity Warfare

‘Warfare mindset’ that draws battle lines between systems, hackers, key to justifying cybersecurity investment, experts say

April 28th, 2017|0 Comments

Usual standard by which investments are judged does not lend itself favorably to cybersecurity; new mindset needed, authors write. –

  • Healthcare Info Security

Why Focusing Too Much on Today’s Cyber Threats Is a Bad Idea

April 27th, 2017|0 Comments

Healthcare organizations must take a long view in their security risk management programs rather than focus on the “cyberthreat du jour,” says security expert Bob Chaput – Healthcare Info Security

  • ahia

HIPAA Risk Analysis: OCR-Quality Audits | Another opportunity to provide assurance to leadership

March 22nd, 2017|0 Comments

Clearwater’s CEO & CFO, Bob & Mary Chaput co-authored the recently published, feature article in the Journal of the Association of Healthcare Internal Auditors.   

Operationalizing Cybersecurity in Healthcare Organizations

February 24th, 2017|0 Comments

Clearwater’s CEO, Bob Chaput, in collaboration with David Finn, Health IT Officer at Symantec, and HiMMS Analytics have just released an EBOOK discussing the recent findings of the 2017 IT Security & Risk Management Study.

More Press

103, 2016

Clearwater Announces the American Hospital Association’s Extended Endorsement of Its Health Information Security Solutions

Clearwater Compliance is proud to continue working with AHA Solutions, a division of Health Forum, the strategic business enterprise of the American Hospital Association (AHA), to provide exclusive resources and trusted solutions to AHA members. Clearwater’s Health Care Information Privacy, Security, Compliance and Risk Management Solutions have earned the exclusive endorsement of the American Hospital Association for the second year running. […]

2502, 2016

Clearwater Compliance, Knowledge Group Present “Harnessing the Power of NIST” Webcast

Clearwater Compliance is proud to team up with the Knowledge Group to offer a webinar entitled “Harnessing the Power of NIST – Your Practical Guide to Effective Cybersecurity.” […]

Published Articles

1411, 2016

The Importance of Improving Medical Device Security

Enhancing medical device security requires collaboration

Sociologists call it “the diminishing returns of complexity.” It’s the point where a major innovation (like the wireless IV medication infusion […]

3110, 2016

Healthcare Industry Is The Bullseye For Hackers In 2017

Ransomware is on the rise at hospitals in the U.S. and globally.

“Healthcare is the most cyber attacked industry according to the 2016 IBM X-Force Cyber Security […]

Contact Us

Our Expertise May Get Us Headlines, But Where It Really Matters Is In Our Work.

Contact us today for more information on how we can help your organization with it's HIPAA compliance and information risk management program.
Contact Us