About Clearwater

News Room

Texas Public Radio

Texas Attracts Most Healthcare Data Hacks But It Is Fighting Back

April 9, 2019

Cybercriminals stole the health records of more than 9 million Americans last year, according to data from U.S. Health and Human Services. The data collected includes breaches from hospitals, health insurers and other health organizations covered by the Health Insurance Portability and Accountability Act, which makes breaches public when they affect more than 500 people.

Read More
Health Data Management

Laptop Vulnerabilities Still Pose Great Security Risk to Health Data

March 8, 2019

New research from the Clearwater Cyber Intelligence Institute finds that laptop computers continue to present a substantial data security risk for the healthcare industry. Clearwater operates a database that holds millions of risk records from hospitals, delivery systems, and business associates. Data mining and informatics teams at the firm use analytics to identify common security weaknesses in provider organizations, insurance companies, and other entities.

Read More

Laptops Pose Serious Data Security Risk to Hospitals, Health Systems

March 4, 2019

Hospitals and health systems are continuing to struggle with laptop vulnerabilities, caused primarily by endpoint data loss, excessive user permissions, and dormant accounts, according to new findings from Clearwater CyberIntelligence Institute. In fact, 70 percent of all high and critical risk scenarios for laptop vulnerabilities were caused by those risk areas. CCI researchers analyzed data from Clearwater’s proprietary database, which is exclusively focused on cybersecurity risks to hospitals, Integrated Delivery Networks, and business associates.

Read More
Journalof AHIMA_logo_big

Security Risk Analyses Can Offer Significant Findings by Wes Morris

March 1, 2019

ONE OF THE critical information governance (IG) functions is successful execution of an organization’s privacy and security responsibilities. Chief among these responsibilities is to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information(ePHI). This assessment is a foundation upon which other security processes will depend. Poor or non-existent risk analysis processes have been a finding in 89 percent of settlement agreements and civil money penalties imposed by the US Department of Health and Human Services’ Office for Civil Rights (OCR). In 2018 alone, the cost was over $24 million for organizations that failed to implement effective risk analysis or risk management processes.

Read More

Unsecure Laptops Still a Major Security Threat For Healthcare

February 28, 2019

Unsecure Laptops Still a Major Security Threat For Healthcare

Read More
Business of Healthcare

Insurance Captives: Innovation & Cost Savings for Providers

February 20, 2019

In this interview, Michelle Johns, Chief Risk Officer of IU Health and Bob Chaput, Executive Chairman of Clearwater discuss their innovative work benchmarking risk within and between large health systems. They also explore why insurance captives have become so strategically important to innovation.

Read More

Uber Health: Driving Change in Healthcare Transportation

February 19, 2019

Democratizing healthcare transportation is crucial for patients’ quality of care and quality of life. Providing approximately 10,000 rides per minute, Uber is looking to be a driving force behind healthcare transportation.

Read More

HIMSS19 to Showcase Compliance, Device Security, Vendor Management

February 6, 2019

Visitors can visit the HIMSS19 Cybersecurity Command Center at the Orange County Convention Center. Hosting security vendors like Cisco, Clearwater, FairWarning, MimeCast, IBM Security, and many others, attendees can visit these booths for conversations around security & get answers to some of the most pressing security questions.

Read More

Press Releases

Clearwater Further Streamlines Enterprise Risk Analysis for Health Systems with Its Patent-Pending “Component Expert System” Technology

As the healthcare industry continues to be targeted by cyber attacks, Clearwater has released new, breakthrough technology that provides hospitals and health systems with a more intelligent view into all of the processes, people, locations, technology and components that can pose a data security risk to an information system. Clearwater’s new Component Expert System (CES), embedded in its IRM|Analysis™ software, enables hospitals and health systems to complete the security risk analysis (SRA) process more efficiently across the enterprise by logically grouping similar information system components based on their properties and associated controls. The patent-pending technology automatically identifies relevant cyber and information risk scenarios, thereby facilitating a more effective risk assessment process.

Clearwater CyberIntelligence™ Institute Study Finds Laptops Still a Significant Data Security Risk for Hospitals and Health Systems

Endpoint data loss, excessive user permissions, and dormant accounts make up 70 percent of all high and critical risk scenarios for laptop vulnerabilities at hospitals and health systems across the country, according to new findings released by the Clearwater CyberIntelligence Institute (CCI), which leverages insights from Clearwater’s proprietary database—the industry’s largest and most complete database focused exclusively on the unique cybersecurity risk profiles of hospitals, Integrated Delivery Networks (IDNs) and business associates. Despite efforts to make laptops more secure, the CCI study found they remain a Top 10 cybersecurity risk for hospitals and health systems. 

Company Blog

Clearwater CyberIntelligence Institute™ IRM | Analysis™ Bulletin #2

Laptops quickly come to mind when security leaders think about potential vulnerabilities for their organization. They are highly portable, can be accessed remotely, and are at high risk for theft. CCI™ analyzed high and critical risks facing hospitals and health systems found in our database and summarized them based on Clearwater’s comprehensive method of evaluating administrative, technical, and physical vulnerabilities.

Cyber and Privacy Risks Are Bleeding Over into Medical Professional Liability Risks | Update from the Cayman Captive Forum

Over November 27th to 29th, the 26th annual Cayman Captive Forum was held in Grand Cayman.  Over 1,400 specialists including captive directors, CFOs, CROs, service providers and captive managers from around the world met to discuss the issues most pressing to the captive insurance industry.  One of the key topics discussed was the apparent evolution from what started out as “HIPAA compliance risk” to “cybersecurity risk” to a “patient safety risk” and now “medical professional liability risk”.

Clearwater CyberIntelligence Institute™ IRM | Analysis™ Bulletin #1

Clearwater delivers cyber risk management solutions to hundreds of healthcare delivery organizations and their partners. The enormous data set of […]

Interested in how the solutions featured in this case study could help your organization?