Whether you’re organization is front line health care provider, or payer (including all you leaders outside of health care with a self-funded health plan), or a healthcare clearinghouse, or, finally, one of millions of business associates, you need to know the CIA.
I’m not referring to the Central Intelligence Agency or the Culinary Institute of America.
I’m referring to that very core of privacy, security and information risk management: Confidentiality, Integrity and Availability. At the end of the day, the protection of any sensitive information – PHI, PII, credit card numbers, company financials, trade secrets, etc. – requires an understanding of all the ways in which a compromise of the Confidentiality (e.g., unauthorized disclosure), Integrity (e.g., unapproved modifications or deletions) and Availability (e.g., lack of access when needed) can occur.
Remember, “First, do no harm”!
Responsible and committed people on your team and, hopefully, throughout your organization are working to prevent harm to all stakeholders in your success: patients, residents, employees, board members, business partners, etc.
Of course, when the phrase “First, do no harm” was first used, it was solely focused on physical harm to your patients. Organizations’ Enterprise Risk Management departments focused on medical malpractice, spills and falls, compliance with EMTALA, and fraud, waste and abuse among other root causes of physical harm.
Welcome to the new millennium!
Today, patients, employees, residents and other stakeholders can also be significantly harmed by a compromise of Confidentiality, Integrity and/or Availability of their sensitive information. The courts are affirming the same, while simultaneously everyday criminals, foreign nation states and even our own employees are proving the value of all the online sensitive information… especially, PHI.
We can assist you!
In our recently published white paper, we introduced the Clearwater Information Risk Management Capability Advancement Model™ (IRMCAM™) White Paper and self-assessment tool for immediate adoption to assist organizations in building an efficient and effective information risk management program best suited to their unique needs.
Privacy, Security and Compliance Risk Management Resources Available to You
Clearwater Compliance offers best-in-class HIPAA-HITECH Privacy, Security and Breach Notification software and services. Our years of direct front-line, real-world experience with deep privacy and security skill-sets will help you assess and implement the required people, process and technology controls cost-effectively.
Please avail yourself of any of these free resources which you may access now by clicking on the links below:
- Risk Analysis Buyer’s Guide
- Clearwater Compliance White Paper:Risky Business: How to Conduct a Bona Fide HIPAA Security Risk Analysis
- Clearwater Recorded Webinar event entitled How to Conduct a Bona Fide HIPAA Security Risk Analysis
- Clearwater HIPAA Security Risk Analysis™ softwareDataSheet
- Clearwater HIPAA Security Risk Analysis™ softwareFree Trial for qualified organizations
- HIPAA HITECH Risk Analysis Resources
Register for one of Clearwater’s complimentary webinars on information risk analysis and risk management basics and get to grips with these issues and more.
Latest posts by Bob Chaput (see all)
- HIPAA Risk Analysis: OCR-Quality Audits | Another opportunity to provide assurance to leadership - March 22, 2017
- HIPAA Risk Analysis Tip – OCR CAP Data: Learn Why 9 of 10 Organizations Fail - January 28, 2017
- The Importance of Improving Medical Device Security - November 14, 2016