Nicklaus Children’s initially engaged Clearwater to complete important HIPAA Security Rule compliance and risk analysis work in 2012. Their team exceeded our expectations and, as validation of our confidence in them, we engaged them again in 2014 to complete that work again, as required in the regulations. Consummate professionals with exceptional customer service.
Nicklaus Children’s Hospital (NCH), part of the Miami Children’s Health System, is a world leader in pediatric healthcare.
As a recipient of Florida’s Medicaid Incentive Payments for Electronic Health Records and as part of the Adopting, Implementing or Upgrading (AIU) Incentive Program, Nicklaus Children’s is subject to OIG audits to demonstrate meaningful use of certified technologies.
- To ensure compliance with HIPAA-HITECH Security Rule requirements
- To readily and comprehensively satisfy OIG requests in an upcoming audit
- Utilizing Clearwater HIPAA Security Assessment Software, conducted a HIPAA Security Rule WorkShop, assessed Nicklaus Children’s compliance with HIPAA Security Rule
- Utilizing Clearwater Information Risk Analysis Software, identified and assessed risks to Nicklaus Children’s assets to meet HIPAA Security and Meaningful (MU) requirements
- Utilizing Clearwater audit experience and expertise and to describe the security work completed, prepared responses and presentations for upcoming OIG audit
- Completed a rigorous compliance assessment as required by the HIPAA Security Rule regulation for a Security Evaluation (45 C.F.R. § 164.308(a)(8))
- Established a compliance baseline score; identified and prioritized compliance remediation activities
- Completed a bona fide risk analysis as required by the HIPAA Security Rule Requirement (45 C.F.R. § 164.308(a)(1)(ii)(A)) and MU Stage I and II requirements
- Identified high-risk exposures and prioritized mitigation activities to reduce those exposures
- No adverse findings or remediation requirements resulting from OIG Audit
Products & Services Employed
Latest posts by Elaine Axum (see all)
- OCR getting tougher about information security - October 12, 2016
- A CIO, consultant and infosec vendor nail down cybersecurity best practice lists - October 10, 2016
- Tech Remedies for Regulatory Compliance - October 1, 2016