One of our portfolio companies was on a tight schedule and the Clearwater team stepped in, completed a high-level assessment, formulated a strategic plan and delivered on the established priorities while minimizing distraction of the Company’s workforce.
Stephen Phenneger, Operating Partner, Cressey & Co
Download PDF

Cressey & Company is a private-equity majority-owned data analytics portfolio company serving the post-acute provider space with a laser-focused mission ‘to raise the bar in post-acute care nationwide on healthcare operations performance’; thus, enhancing patient outcomes and tracking patient experience through proprietary algorithms and industry benchmarking.

Challenges

  • To ensure compliance with HIPAA Privacy, Security and Breach Notification regulations before sale of company
  • To meet growing customer contractual requirements as a Business Associate to major national Covered Entities
  • To identify and remediate all potential privacy, security and compliance risks and liabilities
  • To accomplish all objectives with minimal organizational impact to enable company staff to focus on growth

Solutions

  • Completed Clearwater HIPAA Compliance 10-Point Strategic Assessment™ and Strategic Plan
  • Determined applicable Privacy Rule requirements with Clearwater BA Privacy Rule Determination™ evaluator
  • Conducted HIPAA Security, Privacy & Breach Notification Assessments using Clearwater WorkShop™ process and software
  • Conducted rigorous HIPAA Security Risk Analysis using Clearwater software
  • Provided expert Interim Privacy & Security Officer services to expedite program implementation and results

Outcomes

  • Identified enhancements to compliance and security programs
  • Prioritized and rapidly executed roadmap
  • Strengthened policies and procedures and updated training materials
  • Completed the HIPAA Security Rule requirement to conduct a rigorous compliance assessment
  • Completed the HIPAA Security Rule requirement to conduct a rigorous risk analysis
  • Established a plan for ongoing monitoring and reporting activities including annual assessments
  • Bottom Line: Made HIPAA Compliance a non-issue, thereby facilitating successful sales transaction

Products & Services Employed

IRM|Analysis™ – Clearwater’s HIPAA Risk Analysis Software

This software provides an approach and methodology to meet HIPAA and Meaningful Use requirements. It strictly follows the HHS/OCR guidance for Security Risk Analysis and harnesses the power of the NIST risk assessment processes.

IRM|Security™ – Clearwater’s HIPAA Security Assessment Software

This unique software provides an approach and methodology to meet HIPAA requirements. It distills the HIPAA HITECH Security requirements into an easy to use tool that also creates a robust remediation project plan.

IRM|Privacy™ – Clearwater’s HIPAA Privacy and Breach Notification Assessment Software

IRM|Privacy™is Clearwater’s best-in-class solution for managing compliance with the HIPAA Privacy and Breach Notification Rule. Help your organization become and remain compliant with the HIPAA Privacy and Breach Notification Rule through our innovative software solution.
Contact Us

Interested in how the solutions featured in this case study could help your organization?

Contact our expert team today to arrange a brief discovery call
Contact Us

Elaine Axum

Latest posts by Elaine Axum (see all)