Uncategorized

Test 1.2.3.

By |January 15th, 2019|

Responding to an OCR breach investigation with an OCR-quality risk analysis

By |January 6th, 2019|

The Case for the NIST Cybersecurity Framework (CSF) in Healthcare Organizations

By |January 4th, 2019|

Healthcare’s Most Wired: National Trends 2018

By |January 4th, 2019|

Clearwater is proud to serve as a platinum sponsor of this year’s Most Wired research and CHIME Healthcare’s Most Wired 2018 National Trends Report.

What Does IRM Mean?

By |December 17th, 2014|

What Does IRM Mean? IRM stands for Information Risk Management. The term is often abbreviated to IRM. Risk Management defined in ISO 31000 as “the effect of uncertainty on objectives”. Not a terribly helpful description. Information Risk Management can better be summarized as the identification, assessment, and prioritization of risks to sensitive information.  Elements of […]

164.308(a)(2) Administrative safeguards – Standard: Assigned security responsibility

By |December 22nd, 2012|

This entry is part 3 of 3 in the series Complete Guide to HIPAA Security Final Rule

(a) A covered entity must, in accordance with § 164.306: (2) Standard: Assigned security responsibility. Identify the security official who is responsible for the development and implementation of the policies and procedures required by this subpart for the entity. Tell Me More: The Assigned Security Responsibility standard is also the implementation specification.  The objectives of this […]

164.308(a)(5)(ii)(B) Standard: Security awareness and training – Protection from malicious software

By |December 22nd, 2012|

This entry is part 1 of 3 in the series Complete Guide to HIPAA Security Final Rule

(ii) Implementation specifications:  (B) Protection from malicious software (Addressable). Procedures for guarding against, detecting, and reporting malicious software. Tell Me More: The Protection from Malicious Software implementation specification requires covered entities to address implementing procedures for guarding against, detecting, and reporting malicious software.  Malicious software refers to viruses, worms, Trojan horses and backdoor programs. Malicious […]

164.308(a)(7)(ii)(C) Standard: Contingency Planning Guide – Emergency mode operation plan

By |December 19th, 2012|

This entry is part 2 of 3 in the series Complete Guide to HIPAA Security Final Rule

(ii) Implementation specifications: (C) Emergency mode operation plan (Required). Establish (and implement as needed) procedures to enable continuation of critical business processes for protection of the security of electronic protected health information while operating in emergency mode. Tell Me More: The Emergency Mode Operation Plan implementation specification is an interesting one!  The name suggests a […]

Show Buttons
Hide Buttons