At Clearwater, we believe that having a successful Risk Management program is a journey, not a destination and can be completed in 4 basic stages. The third stage of this life cycle is to Respond – meaning to establish additional controls and safeguards as well as remediating any compliance gaps and security risks found during the assessment stage.
It’s simply not enough to know you have risks and call it a day. What are you gonna’ do about them??
That’s where Risk Response comes in!
Customer Requested Features
You asked, we listened!
Here are some of the top improvements we have made based on popular customer suggestions:
- Improved look and feel of floating notes – More modern style with ability to ‘drag’ around the screen for improved visibility.
- Stronger Password Management – providing custom options and several new default password settings to ensure all credentials are strong and secure.
Featured Improvement – Risk Response
Our robust Risk Response tool kit is designed to help you manage your risks after the completion of a bona fide Risk Analysis.
Let’s take a look at some of the key features and benefits, following the Risk Response Workflow:
- Risk Threshold allows you to determine the level at which risk’s require treatment based on your organization’s risk response appetite
- Addition of the Risk Response List gives you the functionality to manage the improvement of your security by providing overall progress and completion of all risks. This dynamic screen can be used as a To-Do list for risks that need to be addressed and has many custom view options.
- Implementation of the Risk Treatment Form feature; this page enables the customer to assign a responsible party to a risk, select a type of Risk Treatment type and enter notes
- Evaluate Alternatives assists in identifying a course of action that would aid in getting risk rating to a manageable level. Select Effectiveness, Estimated Costs, Feasibility, Action and add valuable Notes or Documents. You can also create custom controls that are unique to your organization. This information will give you what you need to calculate the Residual Risk Rating and Select a Risk Status.
- Approve Alternatives – Respond to risks by approving actions to reduce them
- Implementation Planning will allow you to plan the mitigation and transfer of risks once approved during the Evaluate Alternatives process. Add an Implementation Description, Plan for Monitoring Effectiveness and Implementation Due Date.
- Risk Action Plan – Drive risk response activities to closure with this dynamic project planning capability. Assign an Implementation Manager, Identify Priorities, Upload Documents and send reminder notices.
Additional Improvements to the Clearwater HIPAA Risk Analysis™ Software:
- Improved Document Management List – Expand out each control name to view a quick version history of all documents uploaded during the Risk Analysis and Risk Response processes.
- Upload important control documentation from the Risk Treatment, Evaluate Alternatives and Approve Alternatives screens during the Risk Response process
- Create custom examples for the Risk Likelihood and Risk Impact Scales – This allows for more ranges instead of discreet values for the Risk Likelihood examples and provide more clarity for the Risk Impact examples. Now customers can design examples specific to their needs and understanding, ensuring unified interpretation.
- New and improved Clearwater Control Definitions – We created more vivid and descriptive explanations for all 112 Clearwater Controls, complete with real-world examples
Updates to Clearwater HIPAA Security Assessment™ Software:
- Multiple improvements to the Remediation Plan, including, but not limited to the ability to do mass updates to Responsible Parties, Priority and Due Dates
- The addition of more Notes capabilities; the addition of Notes counters to important reports and screens; and the ability to navigate to and edit Notes
- Created a hyperlinked column titled ‘Requirement’ in the Document Management area which will take you to the assessment question for which you uploaded a file
- Ability to decide when colleagues get notified of Tasks and To-Dos – Eliminated Automatic Emails
- Nested Remediation To Dos within Tasks – With this major improvement, you can expand out an Implementation Specification/Question/Task item from the HIPAA Compliance Tasks screen and view existing To-Do’s, edit or delete existing To-Do’s and create new To-Do’s. For each To-Do, you have the added capability to update the completion status, priority, responsible party, due date and completion date.
- View, Edit, Delete or Add Task Notes from the HIPAA Compliance Tasks page – No more toggling between screens to get all of the information you need to manage your Remediation Plan.
- Want to close the loop with remediation of Tasks and To-Do’s? We added the ability to enter a Completion Date to the HIPAA Compliance Tasks and Task Completion To-Do’s screens and view the completion dates on reports so you can see exactly when an item was due to be corrected, and actually finished.
- Ability to edit Task and Assessment Notes – Make the proper changes to an existing note without having to delete and re-enter data.
See these new features and more as one of our product development experts walks you through a live demonstration of the powerful functionality of Clearwater Compliance’s suite of software.
We are committed to continue to invest development resources to ensure our Customers have comprehensive and robust tools with which to perform periodic Risk Analysis and Security and against the HIPAA Rules. We use the extensive background and knowledge of our experienced team, along with our customer’s feedback to develop and create the most powerful, proven methodology in the market today for helping organizations successfully respond to regulatory requirements and information risk management best practices.
Latest posts by Jon Stone (see all)
- Latest Product Highlights – Welcome to IRM|Pro™ - March 17, 2015
- Latest Product Highlights – Entity Management and New Name! - February 5, 2015
- Latest Product Highlights – Identify and Respond to Your Identified Gap or Risks - January 5, 2015