Clearwater Compliance understood our needs and our challenges, and, in addition to ensuring the completion of our risk analysis, trained our team to be self-sufficient in conducting our next risk analysis and how toapproach our risk treatment priorities.
Andrea Thomas-Lloyd, MBA, RHIA, CISSP, CHPS - Health Information Protection & Assurance, Lancaster General
Download PDF

Project Overview

Lancaster General Hospital (LGH) is regional, not-for-profit healthcare system with a reputation for excellence and was among 375 “Most Wired” hospitals and health systems in the nation for successful Health Information Technology (HIT) planning and implementation.  LGH healthcare system consists of three hospitals, 13 outpatient centers, a physician network, post-acute providers, three urgent care center, and a health clinic in a local retail establishment.

  • Conduct a current, objective risk analysis to meet Meaningful Use Stage-2 requirements and to comply with the HIPAA Security Rule.
  • Improve upon the risk management program as well as become self-sufficient at sustaining compliance with the risk analysis requirement.
  • Collaborated with the LG Health Team and completed full life-cycle NIST-based risk analysis according to HHS/OCR risk analysis guidance using Clearwater’s IRM|Analysis™ software.
  • Prioritized and recommended risk treatment activities.
  • Completed knowledge transfer to LG Health’s internal team to continue ongoing risk management work.
  • Completed an objective risk analysis to meet Meaningful Use Stage-2 and HIPAA Security Rule requirements.
  • Analyzed at-risk assets and populated Clearwater’s IRM|Analysis™ software with an initial remediation plan.
  • Established a risk management process and completed knowledge transfer to sustain on-going risk management processes.

Products & Services Employed

Contact Us

Interested in how the solutions featured in this case study could help your organization?

Contact our expert team today to arrange a brief discovery call
Contact Us