Information security and cyber risk management have become essential components of ensuring patient safety. Concurrently, the threat environment for healthcare organizations has significantly changed and expanded. The net effect of these developments is that traditional approaches to patient safety and information security may not be aligned with the current threat environment, which can lead to gaps in how patient safety and medical data are protected.

In response, healthcare organizations are implementing not only new methods to protect patients and systems, but new models for their patient safety, information security, and risk management efforts. One effective model is to implement an organizational structure that combines patient safety, information security, and risk management authority. Coupled with adoption of the NIST information risk management (IRM) approach, organizations will be able to develop the comprehensive outlook that the fast-evolving threat environment requires and keep gaps from emerging between efforts to protect patient safety and information. The NIST IRM approach provides a standardized framework, process, and maturity model that is highly appropriate and adaptable for healthcare organizations.

Read the entire article at The Compliance and Ethics Blog.


Clearwater helps healthcare organizations ensure patient safety and improve the quality of care by safeguarding the confidentiality, integrity and availability of protected health information (PHI).

We have assisted more than 400 customers to operationalize and mature their information privacy, security, compliance and information risk management programs. And in the process, we are raising the bar for safeguarding PHI, protecting millions of Americans and driving real value for the organizations we support and the healthcare industry at large.