Looking for a resource based on a specific topic? 

Use our RESOURCE FINDER to make your search easier.

Union Benefits Administrator Says Data Deleted in Hack

Service Employees International Union 775 Benefits Group: PII and PHI Deleted


Upcoming Webinar:

IRM|Analysis® Demo – July 27, 2021 | 11:00am–12:00pm CT

Join Clearwater for a live demonstration of the power of the best tool in the industry used by hundreds of organizations to perform an OCR-Quality® Risk Analysis and managing related risk remediation actions.


The Paradigm Shift from ‘If’ to ‘When’: Ransomware Prevention and Mitigation Strategies for Your Healthcare Organization

Ransomware attacks on healthcare organizations are increasing and, unfortunately, they are also becoming incredibly more costly.

White Paper:

Why Secure Software Development is Critical for Healthcare Now and in the Future

As web application attacks continue to rise, today building security into web applications is more important than ever.

On-Demand Webinar:

Ransomware: Shifting the Paradigm From If to When – On Demand

ON DEMAND WEBINARS Ransomware: Shifting the Paradigm From IF to WHEN Upcoming Live Webinars Last year, more than a dozen health systems were driven into EHR downtime by ransomware attacks. Through the first half of 2021, we have seen that disturbing trend continue. It is unlikely to change soon, which means healthcare organizations need to…


OCR Enforcement Preparation | An Expert Panel Discussion with Industry Experts & OCR Officials

A Breakfast & Breaches® Event

Bob Chaput
Bob Chaput
Founder and Executive Chair, Clearwater

“This whole idea of board engagement, C-level engagement…is enabled greatly by doing what’s required in the Security Rule. And that is how are you going to avoid bad things happening until you know what your exposures are.”

Leon Rodriguez (2)
Leon Rodriguez
Former Director of the Office for Civil Rights & Partner at Seyfarth Shaw

“If you look at the settlements…the failure is not the failure to do a risk analysis in the first instance. It’s rather a failure to update the risk analysis. What it points to is not just the quality and comprehensiveness of the initial risk analysis but that it’s a constant process. You really need to be aware of how your environment is changing…It’s not just a one-time thing.”

Nick Heesters
Nick Heesters
Health Information Privacy & Security Specialist, Office for Civil Rights

“Often times, part of the Corrective Action Plan (CAP) is going to require the organization to do the risk analysis in the manner that OCR expects…as part of conducting that risk analysis, there is a requirement in the CAP to do an enterprise-wide inventory of all their systems and applications and how they interoperate with respect to the ePHI within the organization.”

Greg Ehardt
Greg Ehardt
Vice President & Chief Compliance and Privacy Officer, CHRISTUS Health

“Depending on the size of the organization, you might be able absorb the fines. It’s the reputation and the risk there that we’re weighing…You have to define what your risks are and where you want to put your money to address them.”

Stop the Cyber Bleeding

STOP THE CYBER BLEEDING: Book by Clearwater Founder & Executive Chairman, Bob Chaput

This Business Book Provides Healthcare Leaders with Guidance on How to Manage Growing Cyber Risk

"At this time of ever-increasing cyber risk, Stop the Cyber Bleeding distills, in an easy to read, non-technical format, information that every board member and C-suite executive should know to advise and protect their organization," Nicklaus Children's Health System Senior Vice President Jose Perdomo, RN, MHSA, JD

Learn more about the book and get your copy here.



What to Look for in a HIPAA Risk Analysis Company & Solution

We are often asked, “How do I go about selecting a reputable firm to complete an OCR-Quality HIPAA Security Risk Analysis that will meet the requirements of HIPAA and the Promoting Interoperability Program, satisfy the risk analysis component of an OCR Audit, OCR Investigation or CMS Meaningful Use/ Promoting Interoperability Audit, and reduce our risks of a breach or investigation?”

This Guide answers that question and provides an easy-to-use Security Risk Analysis Buyer's Guide Checklist to assist you in comparing alternative solutions and making your selection. DOWNLOAD HERE

30 minute guide to hiring the best risk analysis company

Stay in the know.  Get email updates whenever a new educational resource gets released.  Sign up now.