We definitely feel Clearwater will be instrumental in helping us avoid future fines by remaining compliant with privacy and HIPAA regulations. Clearwater’s software is also providing us with a framework for managing our risk across other business lines like administration, safety and compliance – even finance!
Jon Watkins, Chief Financial Officer , Anchorage Community Mental Health Services, Inc.

Project Overview

Anchorage Community Mental Health Services, Inc. (ACMHS) has been the largest community mental health provider in the state of Alaska since 1974.  ACMH’S mission is to promote recovery and wellness by providing consumer-driven behavioral health care services to the people of Anchorage and surrounding areas.

  • An OCR investigation following a breach of unsecured electronic protected health information (ePHI) resulted in a corrective action plan and over $3 million in fines.
  • Establishing a HIPAA information risk management program in response to the investigation included:
    o Conducting an accurate and thorough assessment of the risks and vulnerabilities threatening the security of ePHI.
    o Implementing mandated policies and procedures, as well as technical security measures to guard against unauthorized access to ePHI
  • Utilized Clearwater’s IRM|AnalysisTM software to conduct a bona fide
    HIPAA security risk analysis.
  • Met the explicit requirement for a risk analysis within the Security
    Management Process Standard [45 CFR 164.308(a)(1)] of the HIPAA
    Security Final Rule.
  • Generated reports from IRM|AnalysisTM for submission to the Health and
    Human Office for Civil Rights to demonstrate evidence of a bona fide risk
  • Completed a rigorous security self-assessment vis-à-vis HIPAA Security Rule, establishing a baseline / benchmark score and populating the software tool with a current-state Risk status that will enable ongoing risk management.
  • Implemented required policies and procedures, and administrative and
    technical security measures.
  • Achieved a 100% score on OCR post-investigation audit.
  • Reduced OCR fine from $3.3M to $150,000!
  • Ongoing solutions from Clearwater will be essential in keeping the fine in
    abeyance during the 2 year Compliance Agreement with OCR.
Download PDF

Products & Services Employed

Contact Us

Interested in how the solutions featured in this case study could help your organization?

Contact our expert team today to arrange a brief discovery call
Contact Us