Healthcare's Enterprise Cyber Risk Management Imperative

Catherine Short converses with Bob Chaput, Founder and Executive Chairman of the Board of Clearwater, a provider of healthcare compliance and cyber risk management software and consulting services, on the topic of “Healthcare’s Enterprise Cyber Risk Management Imperative.” Healthcare organizations continue to see escalating numbers of cyberattacks. It is no longer a matter of if your organization will be targeted, but when. What is at stake? Everything.

Privacy and Security Risks of APIs

Jon Moore, Clearwater, and Iliana Peters, Polsinelli PC, talk about the importance of application programming interfaces (APIs) in connection with health care data. The podcast discusses the recently issued OCR final rule and how the rule impacts APIs. The speakers also discuss common vulnerabilities associated with APIs and give practical tips on steps an organization can take before implementing an API.

The Need for HIPAA Risk Analysis in M&A Due Diligence

Jon Moore, Clearwater, and Iliana Peters, Polsinelli PC, discuss cyber risk as part of the due diligence process.  Specifically, the podcast covers what steps an acquiring entity should take to limit its exposure to potential liabilities and reduce risk; ongoing management of risk and best practices; and risk analysis trends as a component of representations and warranties insurance.

HIPAA Privacy Proposed Rule - What Lawyers Need to Know

Wes Morris, Clearwater, and Kirk J. Nahra, WilmerHale, discuss the recently-issued Health Insurance Portability and Accountability Act (HIPAA) proposed rule. The podcast discusses key changes made by the proposal, including changes to the minimum necessary standard for care coordination and other information disclosure changes.

What Constitutes OCR-Quality Risk Analysis

Jon Moore, Clearwater, and Iliana Peters, Polsinelli PC, talk about what type of risk analysis the Department of Health and Human Services Office for Civil Rights (OCR) expects for compliance with the HIPAA Security Rule. The podcast discusses why it’s important to perform risk analysis at the information system level and the implications of not performing a comprehensive, enterprise-wide risk analysis. The speakers also make practical recommendations to help organizations evolve their approach to analyzing and responding to information security risk.


In this podcast, Bob Chaput talks about changes in his role and the organization of the company. He also speaks on the importance of organizations investing in cybersecurity, risk analysis, and cyber-driven medical malpractice.

Click here to listen