A new managed solution designed to help CIOs and CISOs in healthcare organisations with security compliance and risk management.
Healthcare compliance and information risk management (IRM) provider Clearwater Compliance has introduced Cyber Risk Services (CRS).
Endorsed by the American Hospital Association, this new managed solution is designed to help CIOs and CISOs in healthcare organisations with security compliance and risk management.
The highly visible and significant public attention to ransomware attacks in healthcare has accelerated a top-down cyber risk governance process and board-level involvement.
While hospital boards focus on strategic direction from a broad high-level perspective, the CIO is focused on a holistic service that will unburden staff and quickly mature their enterprise compliance and cyber risk management programme.
“Hospitals are doing more than ever to ensure they continue to protect the confidentiality, integrity and availability of patient information in this rapidly-changing environment of healthcare transformation,” said Doug Shaw, chief operating and development officer, Health Forum, the strategic business enterprise of the American Hospital Association.
“Due to the constantly evolving threats to information security, hospital leaders today need a comprehensive, cost-effective approach to safeguard a hospital’s data, systems and reputation, and we are pleased to endorse Clearwater’s latest solution so hospitals can continue their proactive efforts around cyber security.”
Clearwater’s Cyber Risk Services (CRS) solution is backed by front-line, real-world experience with deep information privacy and security skill sets that help hospitals and health systems establish, implement and cost-effectively mature their IRM programs.
CRS is a three-year programme that addresses and advances all aspects of an organisation’s IRM programme including governance, people, processes, technology and organisational engagement.
In addition, in the event of an OCR enforcement action, CRS will provide onsite support in preparing a response and evidence, without additional charge and within two business days, and remain engaged throughout any OCR enforcement process.
CRS, which includes Clearwater’s award-winning IRM|Pro software, assists organisations in becoming self-sufficient over the three-year programme term.
CRS is designed to maximize knowledge transfer effectiveness by working alongside resource-constrained IT, security and risk management teams.
Clearwater healthcare information experts ensure the implementation of industry best practices in cyber risk visibility, help to eliminate process variation and expedite data protection strategies across the entire organisation.
The CRS proprietary approach draws heavily on the NIST approach to information risk management and is in accordance with guidelines set out by the Office for Civil Rights (OCR).
“Clearwater is proud to offer hospital leaders a comprehensive, cost-effective approach to ensure patient safety, and safeguard a hospital’s finances and reputation,” said Bob Chaput, CEO and founder of Clearwater Compliance.
“Organisations can realize a proven security infrastructure through adoption of the National Institute of Standards and Technology (NIST) IRM approach.”
“Healthcare’s efforts to protect the confidentiality, integrity and availability of patient information in the rapidly changing environment of healthcare transformation and increasing cyber risks are more intensive than ever,” said David Finn, IT Security Officer at Symantec Corporation.
“However, those efforts are hampered by the need for additional training and education, time, resources and budget in the area of cybersecurity and information risk management. Healthcare leaders today need a comprehensive, long-term strategy to ensure patient safety and safeguard the organization’s finances and reputations and their patient’s information and care. Information risk management is not a product; it is a process and culture.
“Clearwater’s solution not only addresses the tactics but also turns it to strategy; it aligns technology and business risk and builds a solid foundation for both. Not just a solution, it drives evolution so organizations can worry less about cybersecurity and focus on the business—taking care of patients,” he added.
If you liked this, you might want to read the following:
Personal data security must be assured if smart cities are to thrive
Cloud security firm says security must be universally regarded as an enabler not merely a cost or requirement
IoT security spending on the rise
By 2020, Gartner predicts that more than 25 percent of identified attacks in enterprises will involve IoT, although it will account for less than 10 percent of IT security budgets
SINGAPORE REPORT: IMDA partners with non-profit organisations and IT providers for smart healthcare delivery
IoT technology harnessed to new smart community initiatives