Making Cyber Risk an Enterprise Risk Management Concern
Drawing on his nearly 40 years of experience supporting hundreds of hospitals and health systems with compliance risk management and cyber risk management initiatives, Bob Chaput discusses the important collaboration between the Chief Risk Officer and the Chief Information Security Officer in developing a more comprehensive enterprise cyber risk management strategy for securing healthcare data, system and devices that is part of the organization’s broader Enterprise Risk Management program.
HIPAA Compliance and Cybersecurity Concerns for Physician Practice Groups
Baxter Lee, CFO, Clearwater, speaks to Nesrin Tift, Partner, Bass Barry & Sims, about the compliance and cybersecurity environment that physician practice groups face.
Building a Strong HIPAA Compliance and Data Privacy Program for Business Associates
Jon Moore, Chief Risk Officer and Senior Vice President of Consulting Services, Clearwater, speaks with Kezia Cook Robinson, Compliance and Privacy Officer, Uber Health, about building a strong HIPAA compliance and data privacy program for health care entities and business associates. The speakers discuss how Uber technology addresses social determinants of health, such as transportation issues. They also talk about the cybersecurity and risk management standards that business associates face and best practices for designing effective compliance programs, covered entities’ expectations of vendors, and HHS Office for Civil Rights enforcement.
Healthcare's Enterprise Cyber Risk Management Imperative
Catherine Short converses with Bob Chaput, Founder and Executive Chairman of the Board of Clearwater, a provider of healthcare compliance and cyber risk management software and consulting services, on the topic of “Healthcare’s Enterprise Cyber Risk Management Imperative.” Healthcare organizations continue to see escalating numbers of cyberattacks. It is no longer a matter of if your organization will be targeted, but when. What is at stake? Everything.
Privacy and Security Risks of APIs
Jon Moore, Clearwater, and Iliana Peters, Polsinelli PC, talk about the importance of application programming interfaces (APIs) in connection with health care data. The podcast discusses the recently issued OCR final rule and how the rule impacts APIs. The speakers also discuss common vulnerabilities associated with APIs and give practical tips on steps an organization can take before implementing an API.
The Need for HIPAA Risk Analysis in M&A Due Diligence
Jon Moore, Clearwater, and Iliana Peters, Polsinelli PC, discuss cyber risk as part of the due diligence process. Specifically, the podcast covers what steps an acquiring entity should take to limit its exposure to potential liabilities and reduce risk; ongoing management of risk and best practices; and risk analysis trends as a component of representations and warranties insurance.
HIPAA Privacy Proposed Rule - What Lawyers Need to Know
Wes Morris, Clearwater, and Kirk J. Nahra, WilmerHale, discuss the recently-issued Health Insurance Portability and Accountability Act (HIPAA) proposed rule. The podcast discusses key changes made by the proposal, including changes to the minimum necessary standard for care coordination and other information disclosure changes.
What Constitutes OCR-Quality Risk Analysis
Jon Moore, Clearwater, and Iliana Peters, Polsinelli PC, talk about what type of risk analysis the Department of Health and Human Services Office for Civil Rights (OCR) expects for compliance with the HIPAA Security Rule. The podcast discusses why it’s important to perform risk analysis at the information system level and the implications of not performing a comprehensive, enterprise-wide risk analysis. The speakers also make practical recommendations to help organizations evolve their approach to analyzing and responding to information security risk.
LEADER TO LEADER FEATURING BOB CHAPUT, FOUNDER AND EXECUTIVE CHAIRMAN OF CLEARWATER COMPLIANCE
In this podcast, Bob Chaput talks about changes in his role and the organization of the company. He also speaks on the importance of organizations investing in cybersecurity, risk analysis, and cyber-driven medical malpractice.