The Annual Safeguarding Health Information: Building Assurance through HIPAA Security Hosted by the HHS Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) took place late October in DC. This post will...
Anthem Breach Learnings: HITRUST Certification Is Not A Replacement for An Enterprise Security Risk Analysis
The recent $16 million HIPAA settlement with Anthem, Inc. in the wake of the 2015 breach of nearly 79 million records, has been well publicized. In this case, the Office for Civil Rights (OCR) found that Anthem failed to take several basic...
Key Takeaways From the Safeguarding HIPAA Summit
The Annual Safeguarding Health Information: Building Assurance through HIPAA Security Hosted by the HHS Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) took place last week in DC. In this post I will...
Medical Device Security and CIO Insomnia
During a conversation over drinks with a number of CIOs at a recent healthcare conference, I discovered that the number one concern that keeps most healthcare executives up at night is the security of their medical devices. That was somewhat...
Panaceas, Shiny Objects and the Importance of Managing Risk in a Healthcare Environment–Part 3
Is there a more challenging position anywhere in information security than that of a healthcare organization’s cyber risk management leader? If there is, I can’t think of what it would be. Whether your title is CISO, CSO, CTO, CIO or some...
Strengthening Your Cybersecurity Ecosystem — One Step at a Time
Every day, it seems, cyber criminals figure out new ways to attack hospitals and compromise patient data and safety. As the number and intensity of cyber attacks on healthcare organizations increase, the task of establishing an effective...
Panaceas, Shiny Objects and the Importance of Managing Risk in a Healthcare Environment–Part 2
Healthcare CIOs, CISOs, and other information risk management leaders face daunting challenges when it comes to deciding where to apply their limited resources to make the biggest difference in their organization’s cyber risk posture. As I...
Panaceas, Shiny Objects and the Importance of Managing Risk in a Healthcare Environment–Part 1
You’re the CISO of a healthcare organization and you just sat through an amazing sales presentation by one of your security vendors. You are considering cutting a PO to purchase that new security tool. You’ve been thinking for some time about...
Clearwater Helps Organizations Strengthen Cyber Defenses with New OCR-Quality Technical Testing Services
Advanced Solution Exposes Hidden Vulnerabilities, While Validating Organization’s Most Important Safeguards
Bob and Mary Chaput featured in Health Data Management: "How cyber risk is affecting medical professional liability"
HIT Think - How cyber risk is affecting medical professional liability
Health Care Information Privacy, Security, Compliance and Risk Management Solutions from Clearwater Compliance have earned the 
