CASE STUDY

Cressey & Company

Project Overview

Cressey & Company is a private-equity majority-owned data analytics portfolio company serving the post-acute provider space with a laser-focused mission ‘to raise the bar in post-acute care nationwide on healthcare operations performance’; thus, enhancing patient outcomes and tracking patient experience through proprietary algorithms and industry benchmarking.

Challenges

To ensure compliance with HIPAA Privacy, Security and Breach Notification regulations before sale of company.
To meet growing customer contractual requirements as a Business Associate to major national Covered Entities.
To identify and remediate all potential privacy, security and compliance risks and liabilities.
To accomplish all objectives with minimal organizational impact to enable company staff to focus on growth.

Solutions

Completed Clearwater HIPAA Compliance 10-Point Strategic Assessment™ and Strategic Plan.
Determined applicable Privacy Rule requirements with Clearwater BA Privacy Rule Determination™ evaluator.
Conducted HIPAA Security, Privacy & Breach Notification Assessments using Clearwater WorkShop™ process and software.
Conducted rigorous HIPAA Security Risk Analysis using Clearwater software.
Provided expert Interim Privacy & Security Officer services to expedite program implementation and results.

Outcomes

Identified enhancements to compliance and security programs.
Prioritized and rapidly executed roadmap.
Strengthened policies and procedures and updated training materials.
Completed the HIPAA Security Rule requirement to conduct a rigorous compliance assessment.
Completed the HIPAA Security Rule requirement to conduct a rigorous risk analysis.
Established a plan for ongoing monitoring and reporting activities including annual assessments.
Bottom Line: Made HIPAA Compliance a non-issue, thereby facilitating successful sales transaction.

Download Case Study

The Clearwater Compliance website has been a critical source of information for my HIPAA compliance efforts over many years. The information format is easy to read and understand, and it gets to the point. Clearwater Compliance obviously cares about helping us keep out of trouble!

Tim Moser

Shawnee Township Fire Department

We choose Clearwater because they are a front runner in consulting and assisting with this area. And, they also have developed Risk Analysis software to help you meet the Meaningful Use criteria and qualify for incentives. They may be listed as a consulting group, but they will also train and adjust to whatever is needed based upon your in-house expertise.

Wayne Richmond

Princeton Community Hospital

Products & Services Employed

IRM|Analysis™

Clearwater’s HIPAA Risk Analysis Software

This software provides an approach and methodology to meet HIPAA and Meaningful Use requirements. It strictly follows the HHS/OCR guidance for Security Risk Analysis and harnesses the power of the NIST risk assessment processes.

IRM|Security™

Clearwater’s HIPAA Security Assessment Software

The Clearwater Information Risk Management Capability Advancement Model™ enables organizations to evaluate information risk management capabilities consistently, and help make informed decisions about information risk management investments.

IRM|Privacy™

Clearwater’s HIPAA Privacy and Breach Notification Assessment Software

IRM|Privacy™ is Clearwater’s best-in-class solution for managing compliance with the HIPAA Privacy and Breach Notification Rule. Help your organization become and remain compliant with the HIPAA Privacy and Breach Notification Rule through our innovative software solution.

Tim Moser

Shawnee Township Fire Department

Wayne Richmond

Princeton Community Hospital

About Clearwater

Clearwater Compliance helps healthcare organizations ensure patient safety and improve the quality of care by safeguarding the confidentiality, integrity and availability of protected health information (PHI). We have assisted more than 400 customers to operationalize and mature their information privacy, security, compliance and information risk management programs. And in the process, we are raising the bar for safeguarding PHI, protecting millions of Americans and driving real value for the organizations we support and the healthcare industry at large.