The Health Information Technology for Economic and Clinical Health Act (HITECH), passed as part of the American Recovery and Reinvestment Act (ARRA), added new categories of violations and increased fines for HIPAA non-compliance. The Office for Civil Rights (OCR) within the Department of Health and Human Services is vigorously enforcing these new rules.

Through Clearwater’s OCR Enforcement Advisory Services our professionals assist our customers in dealing with HITECH’s requirements and limiting OCR’s bite by:

Providing the support and advice you need to prepare for a breach before it happens

Helping you recover after a breach occurs

Assisting you in responding to requests for information if OCR opens an investigation

Aligning your compliance activities with a Corrective Action Plan if one is put in place.

Using lessons learned from previous OCR audits, investigations and enforcement actions, our team of subject matter experts helps you minimize your compliance, financial and reputational risk.
We do this by:

Strengthening your breach response capability

Preparing you and your team for a potential OCR investigation

Coordinating and supporting your response and communications with OCR

Scheduling and documenting your cyber risk management actions

OCR Enforcement Advisory Services

Clearwater assisted us throughout the OCR Investigation process.  As a direct result, we were able to negotiate a potential $3.9 million civil money penalty down to a $0.4 million negotiated settlement amount.

Former Privacy Officer, Idaho State University

Interested in how we can help your organization with OCR enforcement advisory services?

Health Management Technology - September/October 2018
Download "Responding to an OCR breach investigation with an OCR-quality risk analysis"