Clearwater provides customers with guidance and purpose-built software to protect patient data

Clearwater announced The Clear Advantage Program for Business Associates, a special offering from the healthcare cybersecurity solutions provider, enabling its customers to implement and mature a best-in-class cyber risk management and HIPAA compliance program.

Clearwater developed The Clear Advantage Program for Business Associates in recognition of the need for the partner organizations that interact with the electronic protected health information (ePHI) maintained by healthcare providers to strengthen their ability to keep the information secure.

The spotlight recently shone bright on just how important such programs are to companies deemed “business associates” under the federal HIPAA law when news surfaced of the Google-Ascension Health collaboration dubbed “Project Nightingale”.

When health systems and providers work with technology and other vendor partners, the first thing they want to know is what those partners are doing to protect the exchange of personal health data.

“Business Associates, as they are classified under HIPAA, play a vital role in the U.S. healthcare system, providing innovative solutions that advance the way care is accessed, delivered, managed, and paid for,” said Clearwater CEO Steve Cagle.

“Through The Clear Advantage Program, we are helping ensure that concerns over the security of new solutions don’t stifle innovation. Our best-in-class offering provides a distinct competitive advantage to our customers, broadening their value propositions by instilling trust with existing and prospective partners and demonstrating they’re serious about being good stewards of patient information.”

Cyber attacks, projected to cost the U.S. economy more than $2 trillion in 2019 alone, have hit the healthcare industry especially hard over the past several years due to the increasing availability and high value of healthcare data.

In addition to costs incurred from breach-related lawsuits, addressing vulnerabilities, and loss of patient trust, The Department of Health and Human Services Office for Civil Rights (OCR) has been actively issuing fines to organizations that have failed to take steps to prevent a breach.

As providers are ultimately responsible for protecting patient data, they must ensure their partners’ information systems are adequately secured.

As the leading provider of enterprise cyber risk management software and consulting services for healthcare organizations, Clearwater drew on its intimate understanding of the information security needs and requirements of providers to develop The Clear Advantage Program for Business Associates.

Uber Health is one of the non-health system customers to recognize the value of Clearwater’s expertise, engaging the company to help ensure its systems and infrastructure are secure and fully compliant with healthcare industry standards.

As an outgrowth of that work, Clearwater developed The Clear Advantage Program for Business Associates, which provides all the elements entities that serve provider organizations need to build and mature a strong cyber risk management and HIPAA compliance capability, including:

• Leadership from an experienced Virtual Chief Information Security Officer and/or Chief Privacy Officer where needed
• Subscription to Clearwater’s IRM|Pro Enterprise Cyber Risk Management Software
• Cyber risk management program development and governance
• HIPAA policy and procedure development and workforce training
• Annual security risk analyses and compliance assessments
• Ongoing compliance gap and risk remediation
• Quarterly vulnerability scans and monitoring
• Annual penetration testing
• Assistance responding to provider security assessments