Nicklaus Children’s Hospital Case Study

Nicklaus Children’s initially engaged Clearwater to complete important HIPAA Security Rule compliance and risk analysis work in 2012. Their team exceeded our expectations and, as validation of our confidence in them, we engaged them again in 2014 to complete that work again, as required in the regulations. Consummate professionals with exceptional customer service.

Jose Perdomo, MHSA, JD - Chief Ethics and Compliance Officer, Nicklaus Children’s Hospital

Project Overview

Nicklaus Children’s Hospital (NCH), part of the Miami Children’s Health System, is a world leader in pediatric healthcare.

As a recipient of Florida’s Medicaid Incentive Payments for Electronic Health Records and as part of the Adopting, Implementing or Upgrading (AIU) Incentive Program, Nicklaus Children’s is subject to OIG audits to demonstrate meaningful use of certified technologies.

Challenges

To ensure compliance with HIPAA-HITECH Security Rule requirements
To readily and comprehensively satisfy OIG requests in an upcoming audit

Solutions

Utilizing Clearwater HIPAA Security Assessment Software, conducted a HIPAA Security Rule WorkShop, assessed Nicklaus Children’s compliance with HIPAA Security Rule
Utilizing Clearwater Information Risk Analysis Software, identified and assessed risks to Nicklaus Children’s assets to meet HIPAA Security and Meaningful (MU) requirements
Utilizing Clearwater audit experience and expertise and to describe the security work completed, prepared responses and presentations for upcoming OIG audit

Outcomes

Completed a rigorous compliance assessment as required by the HIPAA Security Rule regulation for a Security Evaluation (45 C.F.R. § 164.308(a)(8))
Established a compliance baseline score; identified and prioritized compliance remediation activities
Completed a bona fide risk analysis as required by the HIPAA Security Rule Requirement (45 C.F.R. § 164.308(a)(1)(ii)(A)) and MU Stage I and II requirements
Identified high-risk exposures and prioritized mitigation activities to reduce those exposures
No adverse findings or remediation requirements resulting from OIG Audit

Download PDF

Products & Services Employed

IRM|Analysis™ – Clearwater’s HIPAA Risk Analysis Software

This software provides an approach and methodology to meet HIPAA and Meaningful Use requirements. With Clearwater, you can be confident that your risk analysis is “by-the-book.”

IRM|Security™ – Clearwater’s HIPAA Security Assessment Software

This unique software distills the HIPAA HITECH Security requirements into an easy to use tool that also creates a robust remediation project plan.

HIPAA Risk Analysis WorkShop™

Our HIPAA Risk Analysis WorkShop™ combines our proven methodology and process with a robust proprietary software solution and hands on training from a team of seasoned experts.

Interested in how the solutions featured in this case study could help your organization?

Contact our expert team today to arrange a brief discovery call

About
Latest Posts

Elaine Axum

Latest posts by Elaine Axum (see all)

OCR getting tougher about information security - October 12, 2016
A CIO, consultant and infosec vendor nail down cybersecurity best practice lists - October 10, 2016
Tech Remedies for Regulatory Compliance - October 1, 2016

The Clearwater Compliance website has been a critical source of information for my HIPAA compliance efforts over many years. The information format is easy to read and understand, and it gets to the point. Clearwater Compliance obviously cares about helping us keep out of trouble!

Tim Moser, Shawnee Township Fire Department

We choose Clearwater because they are a front runner in consulting and assisting with this area. And, they also have developed Risk Analysis software to help you meet the Meaningful Use criteria and qualify for incentives. They may be listed as a consulting group, but they will also train and adjust to whatever is needed based upon your in-house expertise.

Wayne Richmond, Princeton Community Hospital