Whether you’re organization is front line health care provider, or payer (including all you leaders outside of health care with a self-funded health plan), or a healthcare clearinghouse, or, finally, one of millions of business associates, you need to know the CIA.

I’m not referring to the Central Intelligence Agency or the Culinary Institute of America.

I’m referring to that very core of privacy, security and information risk management: Confidentiality, Integrity and Availability. At the end of the day, the protection of any sensitive information – PHI, PII, credit card numbers, company financials, trade secrets, etc. – requires an understanding of all the ways in which a compromise of the Confidentiality (e.g., unauthorized disclosure), Integrity (e.g., unapproved modifications or deletions) and Availability (e.g., lack of access when needed) can occur.

Remember, “First, do no harm”!

Responsible and committed people on your team and, hopefully, throughout your organization are working to prevent harm to all stakeholders in your success: patients, residents, employees, board members, business partners, etc.

Of course, when the phrase “First, do no harm” was first used, it was solely focused on physical harm to your patients.  Organizations’ Enterprise Risk Management departments focused on medical malpractice, spills and falls, compliance with EMTALA, and fraud, waste and abuse among other root causes of physical harm.

Welcome to the new millennium!Information safety

Today, patients, employees, residents and other stakeholders can also be significantly harmed by a compromise of Confidentiality, Integrity and/or Availability of their sensitive information.  The courts are affirming the same, while simultaneously everyday criminals, foreign nation states and even our own employees are proving the value of all the online sensitive information… especially, PHI.

We can assist you!

In our recently published white paper, we introduced the Clearwater Information Risk Management Capability Advancement Model™ (IRMCAM™) White Paper and self-assessment tool for immediate adoption to assist organizations in building an efficient and effective information risk management program best suited to their unique needs.

Privacy, Security and Compliance Risk Management Resources Available to You

Clearwater Compliance offers best-in-class HIPAA-HITECH Privacy, Security and Breach Notification software and services. Our years of direct front-line, real-world experience with deep privacy and security skill-sets will help you assess and implement the required people, process and technology controls cost-effectively.

Please avail yourself of any of these free resources which you may access now by clicking on the links below:

Register for one of Clearwater’s complimentary webinars on information risk analysis and risk management basics and get to grips with these issues and more.

Bob Chaput

CEO at Clearwater Compliance
Bob Chaput is widely recognized for his extensive and in-depth knowledge of healthcare compliance and cyber risk management, and is one of the industry’s leading authorities in healthcare information security today. As a leading authority safeguarding health data, Chaput has supported hundreds of hospitals and health systems to successfully manage healthcare’s evolving cybersecurity threats and ensure patient safety.