SHIELDS for Families Case Study

As a non-profit working with an under served population, we needed to find expert resources to respond quickly and effectively to the data requests and
questions from OCR following the theft of a server. With Clearwater’s help, our response was timely, accurate and compelling. Bottom Line: No fines were assessed.

Chris Igonia-Mock, JD Policy Analyst/HIPAA Compliance Officer, SHIELDS for Families

Project Overview

Incorporated in 1991, SHIELDS for Families is a community-based, non-profit 501(c)(3) organization serving families residing in South Los Angeles. SHIELDS currently employs over 380 full-time employees with an annual budget of over $28 million to serve 10,000 families annually in 39 programs. The organization self-reported a breach to OCR and six months later received an information request list.

Challenges

To respond to a detailed information request list from OCR regarding a breach
To establish and declare the organization as a hybrid entity
To identify any other security or compliance gaps that exist and prioritize a remediation plan

Solutions

Developed content and organized information to reply to OCR’s requests through research and interviews
Completed HIPAA risk analysis using Clearwater’s IRM|Analysis™ software
Cross walked Policies and Procedures to the HIPAA regulations and provided recommendations and templates to strengthen
Examined organizational structure and programs to define hybrid and HIPAA/non-HIPAA components

Outcomes

No fines, penalties or corrective action plans were assessed by OCR for the breach
Met the Security Rule requirement to conduct a comprehensive risk analysis and strengthened SHIELDS security program
Established the organization as a hybrid and identified the HIPAA Healthcare Components
Strengthened SHIELDS’ compliance program through updated policies and procedures, including incident response

Download PDF

Products & Services Employed

IRM|Pro™ – Clearwater’s Suite of Compliance Software

Clearwater’s IRM|Pro is a complete and comprehensive suite of best-in-class software that enables covered entities and business associates to become and remain compliant with HIPAA-HITECH faster, cheaper and more thoroughly.

HIPAA Policy and Procedure ToolKits

Clearwater’s HIPAA Policy and Procedure Toolkits contain a complete set of HIPAA Policy and Procedure Templates to satisfy the strict requirements of the regulations.

Interested in how the solutions featured in this case study could help your organization?

Contact our expert team today to arrange a brief discovery call

About
Latest Posts

Elaine Axum

Latest posts by Elaine Axum (see all)

OCR getting tougher about information security - October 12, 2016
A CIO, consultant and infosec vendor nail down cybersecurity best practice lists - October 10, 2016
Tech Remedies for Regulatory Compliance - October 1, 2016

The Clearwater Compliance website has been a critical source of information for my HIPAA compliance efforts over many years. The information format is easy to read and understand, and it gets to the point. Clearwater Compliance obviously cares about helping us keep out of trouble!

Tim Moser, Shawnee Township Fire Department

We choose Clearwater because they are a front runner in consulting and assisting with this area. And, they also have developed Risk Analysis software to help you meet the Meaningful Use criteria and qualify for incentives. They may be listed as a consulting group, but they will also train and adjust to whatever is needed based upon your in-house expertise.

Wayne Richmond, Princeton Community Hospital