Too many organizations rely on checklists of controls; in some cases, they’re being bullied into using outdated checklists
Nashville, TN (PRWEB) November 24, 2015
Nashville, Tennessee – Clearwater Compliance, LLC has published a new white paper discussing the importance of adopting the National Institute of Standards and Technology (NIST) approach to Information Risk Management (IRM) to improve the way sensitive information is safeguarded in the healthcare industry.
Specifically, the white paper “Harnessing the Power of the NIST Framework: Your Guide to Effective Information Risk Management” describes these three components of the NIST IRM approach and recommends that organizations adopt and use them:
1) NIST Cybersecurity Framework;
2) NIST IRM Process; and,
3) A Maturity Model.
The white paper presents this 3-part NIST approach as a powerful, efficient and effective way for organizations to fortify their IRM programs and better protect all sensitive data from breaches. In addition to protected health information (PHI), healthcare covered entities and business associates create, receive, maintain or transmit many other sensitive data types, which the white paper addresses.
Importantly, the white paper presents a business case for healthcare executives and sets out practical next steps for adopting the framework, to help those in this industry establish, implement and mature a more strategic, business-oriented and architectural information risk management (IRM) approach and posture. It also provides them with access to numerous resources to assist them with making high-quality decisions about IRM investments.
Clearwater has released this white paper to inform executives and staff of the importance of having a strong IRM program. As the risks to data increase, information security also becomes more of a challenge.
Clearwater also aims to stress that information security is a complex, multifaceted challenge that requires participation across the entire organization.
“Too many organizations rely on checklists of controls; in some cases, they’re being bullied into using outdated checklists,” says Bob Chaput, Clearwater’s CEO and the white paper’s author. “Inherently incorrect in these controls checklists is their failure to consider other key elements of any robust IRM program: an organization’s unique information assets, threat sources, threat actions, and vulnerabilities.”
This new white paper focuses on why and how to establish, implement, and develop an organization’s information risk management program using the NIST approach. This ensures continuous improvement and the minimization of future risks. Given the increasing threats to sensitive information, healthcare organizations must elevate their IRM programs to safeguard all the sensitive, personal information with which they have been entrusted.
The white paper can be downloaded for free on Clearwater’s site.
About Clearwater Compliance, LLC
Clearwater Compliance, LLC focuses on helping healthcare organizations and their service providers improve patient safety and the quality of care by assisting them to establish, operationalize and mature their information risk management programs. Led by veteran, C-suite healthcare executives, Clearwater provides comprehensive, by-the-regs software and tools, educational events, and expert professional/advisory services for healthcare organizations ranging from major healthcare systems, hospitals, health plans and Fortune 100 companies, to medical practices and healthcare startups. Since 2003, the company has served over 500 organizations. Find out more about our privacy, security, compliance and information risk management solutions at clearwatercompliance.com.