Blog

Blog

What the New York SHIELD Act Means for Healthcare Organizations

What the New York SHIELD Act Means for Healthcare Organizations

On July 25, 2019 the Governor of New York signed into law the “Stop Hacks and Improve Electronic Data Security Act” (SHIELD ACT) effective March 21, 2020.

Read More

The Rise of Enterprise Cyber Risk Management Software

The digital transformation of healthcare is rapidly driving the adoption of new technology and information systems to support key business initiatives. We are experiencing a veritable explosion in health care data, systems and devices.

Read More
OCR Quality Risk Analysis Blog Featured Image

Understanding What Constitutes OCR-Quality Risk Analysis™

In the first half of 2019, there were 223 reported breaches affecting 10.2 million individuals, an increase of 167% over the same period in 2018. These figures do not include the widely publicized American Medical Collections Agency breach, which is estimated to have affected at least 22 million individuals on its own.

Read More
true cost data breach

Understanding the True Cost of a Data Breach

In the case of American Medical Collection Agency’s (AMCA) highly publicized data breach, the cost proved unrecoverable as the 42-year-old parent company Retrieval-Masters Credit Bureau filed for bankruptcy just weeks after disclosing the breach.
Organizations should calculate the risk of a data breach, not only for covered entities but also for their business associates. A breach of your patient data will affect your organization, even if it’s by a business associate.

Read More
HIPAA Enforcement Ramps_ Clearwater

State Attorney General HIPAA Enforcement Ramps Up, Value of an OCR-Quality Risk Analysis™ Has Never Been Higher

Many Chief Information Security Officers and Chief Compliance Officers often express concern to us about the potential disruption and cost that can come from an Office for Civil Rights (OCR) investigation, not to mention the reputational damage that will result from a settlement or monetary penalty. An appearance on the wall of shame is a mere blemish compared to the negative publicity of an OCR fine or settlement. However, the possibility of a State Attorney General (AG) action is often underestimated and overlooked. If a State AG enforcement is not top of mind for you and your board, it should be.

Read More
Key Takeaways Breakfast & Breaches DC Excerpt

Key Takeaways From Breakfast & Breaches™ | D.C.

Clearwater’s recent Breakfast & Breaches event in Washington, DC brought together an outstanding group of leaders with unique insight on the growing problem of how to keep protected health information secure. Drawing on their combined decades of experience working across the compliance spectrum, our panelists and moderator challenged the audience’s thinking with regard to how their organizations analyze and manage risks.

Read More
Highest Level of Security Weaknesses in Hospitals thumb

Highest Level of Security Weaknesses in Hospitals and Health Systems Uncovered

More than half (54%)* of all individuals affected by a healthcare information breach in the past twelve months were impacted by a breach that touched the affected organization’s server, according to data provided on the U.S. Department of Health and Human Services Office for Civil Rights Breach Portal: Notice to the Secretary of HHS Breach of Unsecured Protected Health Information. According to the data, ninety (90) healthcare breaches — affecting more than nine million individuals—were related to servers in some way.

Read More
Third-party information security risk thumb

Managing Third-Party Information Security Risk

Clinical laboratory provider Quest Diagnostics recently acknowledged that a billings collections vendor it works with suffered a data breach on its web payment system that may have exposed information of nearly 12 million of Quest’s patients. The third-party company, Elmsford, N.Y.-based American Medical Collection Agency (AMCA), is contracted with Optum360 LLC, which in turn provides payment services to Quest.

Read More

Thousands of professionals trust Clearwater to bring them the latest news and information on Compliance and Cybersecurity Risk Management.

Show Buttons
Hide Buttons