News Room

Clearwater, Digital Reasoning 3-Year Cyber Risk Partnership For AI-Powered Solutions

January 29, 2019

Clearwater Compliance and Digital Reasoning have announced a three-year “Cyber Risk Services” partnership enabling providers to understand the results of AI-powered solutions, using a cybersecurity and HIPAA compliance program.

Read More
Security Intelligence IBM

What Does Healthcare Cybersecurity Look Like in a Future of Connected Medical Devices?

January 23, 2019

As technology continues to transform the way healthcare is delivered, the industry is burdened by the growing cybersecurity risks inherent in the expansion of connected devices. Understanding that each connected device opens another pathway for threat actors, it’s incumbent upon device manufacturers to keep security foremost throughout the development life cycle.

Read More
Help News Security

Top Vulnerabilities Hospital Executives Should Address Immediately

January 16, 2019

The three most critical and common high-security cyber risks facing healthcare delivery organizations and their partners have been uncovered in an analysis by the Clearwater CyberIntelligence Institute (CCI).

Read More

Lessons From Report on Massive Singapore Healthcare Hack

January 11, 2019

Analysis of SingHealth Attack Offers Recommendations That Could Be Applied Worldwide- A variety of security weaknesses – ranging from misconfigurations to coding vulnerabilities, untrained staff and flawed incident response – contributed to a 2017 cyberattack impacting about 1.5 million patients of SingHealth, Singapore’s largest healthcare group. That’s the conclusion of a new report issued by a committee designated to […]

Read More
Becker's Hospital Review

3 Common High-security Cyber Risks for Healthcare Facilities

December 28, 2018

User authentication deficiencies are among the most common high-security risks healthcare organizations face with regard to cybersecurity, according to a CyberIntelligence Insight Bulletinfrom Clearwater Compliance. The company analyzed critical risks facing hospitals and health systems in its database and summarized them. Clearwater gathered the data from HIPAA risk analyses performed using its IRM|Analysis software that provides […]

Read More

User Authentication Most Common Cyber Risk for Hospitals, Health Systems

December 27, 2018

User authentication deficiencies, endpoint leakage, and excessive user permissions are the three most common cyber risks facing health systems and hospitals, according to new data from Clearwater CyberIntelligence Institute. The report reflected similar findings in a recent Crowe analysis that found access management will be one of the biggest health IT risk concerns across the healthcare sector in 2019.

Read More

Responding to an OCR breach investigation with an OCR-quality risk analysis

September 28, 2018

Jon Moore, Clearwater’s SVP of Professional Services, addresses why health organizations continue to struggle to meet OCR’s risk analysis. In the article, Jon walks through steps of a successful OCR-quality risk analysis –

Read More

Clearwater releases CyberIntelligence dashboards for Its IRM|Pro Enterprise Cyber Risk Management Platform

July 24, 2018

Clearwater, a healthcare cyber risk management solutions company, announced the release of CyberIntelligence dashboards, the latest innovation for IRM|Pro, an Enterprise Cyber Risk Management System (ECRMS) for healthcare providers and their partners –

Read More

Press Releases

Clearwater Further Streamlines Enterprise Risk Analysis for Health Systems with Its Patent-Pending “Component Expert System” Technology

As the healthcare industry continues to be targeted by cyber attacks, Clearwater has released new, breakthrough technology that provides hospitals and health systems with a more intelligent view into all of the processes, people, locations, technology and components that can pose a data security risk to an information system. Clearwater’s new Component Expert System (CES), embedded in its IRM|Analysis™ software, enables hospitals and health systems to complete the security risk analysis (SRA) process more efficiently across the enterprise by logically grouping similar information system components based on their properties and associated controls. The patent-pending technology automatically identifies relevant cyber and information risk scenarios, thereby facilitating a more effective risk assessment process.

Clearwater CyberIntelligence™ Institute Study Finds Laptops Still a Significant Data Security Risk for Hospitals and Health Systems

Endpoint data loss, excessive user permissions, and dormant accounts make up 70 percent of all high and critical risk scenarios for laptop vulnerabilities at hospitals and health systems across the country, according to new findings released by the Clearwater CyberIntelligence Institute (CCI), which leverages insights from Clearwater’s proprietary database—the industry’s largest and most complete database focused exclusively on the unique cybersecurity risk profiles of hospitals, Integrated Delivery Networks (IDNs) and business associates. Despite efforts to make laptops more secure, the CCI study found they remain a Top 10 cybersecurity risk for hospitals and health systems. 

Company Blog

NIST and Telehealth: Securing the Remote Patient Monitoring Ecosystem

We are living in an exhilarating time in the world of healthcare. A common theme among many healthcare related stories and articles we come across today is that things which were once thought to be a matter of science fiction are now moving closer to becoming a reality. A Feb 27, 2019, article from Forbes Magazine, entitled, “Telemedicine: The Latest Futuristic Tech Prediction from The Jetsons To Come True,” brought up a cartoon show from 1962, “The Jetsons,” in which depicted patients video conferencing physicians for diagnosis and treatment as being something commonplace.

Key Takeaways From Breakfast & Breaches™ | Chicago

Clearwater and Lockton Companies, the world’s largest privately owned, independent insurance brokerage firm, are hosting a series of panel discussions with security experts and officials from the U.S. Department of Health and Human Services, Office for Civil Rights (OCR). The series offers attendees up-to-date information about cyber risk management strategies, HIPAA compliance and OCR enforcement. Attendees can participate in person or via live webcast.

What Does OCR’s Lowering of Maximum Annual Caps Mean for Covered Entities?

The Office for Civil Rights (OCR) gave notice in the Federal Register that it is lowering the maximum annual caps for all HIPAA culpability tiers, except for the willful neglect without timely correction tier. There has been uncertainty for some time as to whether OCR’s interpretation of the statute was appropriate with regard to the $1.5M annual limit for all culpability levels.

Interested in how the solutions featured in this case study could help your organization?