Clearwater Compliance Launches Version 3.0 of its HIPAA Risk Analysis™ Software-as-a-Service Solution

Share Article

Enhancements Reflect Customer Feedback, Latest NIST Standards for Security and Privacy Controls and Changing Threat Landscape

News Image
With this tool, it’s easy to manage a large amount of disparate information asset data, analyze all relevant threats and vulnerabilities and focus on the exposures that truly matter. --Pete Niner, CISSP

Nashville, Tenn.– (PR Web) – September 23, 2013

Clearwater Compliance announced today at the HIMSS Media and HealthcareITNews Privacy and Security Forum that it has released version 3.0 of its market-leading Clearwater HIPAA Risk Analysis™ Software-as-a-Service to help its customers systematically assess and manage risk while meeting the explicit requirements of the HIPAA Security Rule.

The updates to the software reflect key learnings, customer feedback and adjustments in direct response to the fourth revision of the government's computer security controls guide and catalog, “Security and Privacy Controls for Federal Information Systems and Organizations” known as "SP (Special Publication) 800-53." Published by the National Institute of Standards and Technology (NIST) in April of 2013, this revision provided the most comprehensive update to information system security controls and safeguards since the document's inception in 2005 and includes the addition of approximately 200 new controls.

The Clearwater HIPAA Risk Analysis™ software automates the workflow set out in HHS/OCR “Guidance on Risk Analysis Requirements under the HIPAA Security Rule” and “NIST SP800-30 Revision 1 Guide for Conducting Risk Assessments” to enable organizations to operationalize their risk analysis and risk management program.

Clearwater’s latest software release also coincides with the September 23rd enforcement date for the Omnibus Final Rule and a brand new world of HIPAA enforcement by the OCR.

“With this tool, it’s easy to manage a large amount of disparate information asset data, analyze all threats and vulnerabilities and focus on the exposures that truly matter. Clearwater has done a great job of simplifying a complex, detail-driven risk analysis,” according to Pete Niner, CISSP and Managing Director at Techumen.

“The significant changes in standards, coupled with the OCR’s promised rigorous enforcement of the Omnibus Final Rule, creates a very challenging situation for most covered entities and business associates,” said Bob Chaput, CEO and Founder of Clearwater Compliance. “It’s our job to help customers respond to these new demands by ensuring that our software offers them a comprehensive, up-to-date and systematic means of becoming and remaining HIPAA compliant.”

Now in its third generation, the Clearwater HIPAA Risk Analysis™ software provides an approach and methodology to meet HIPAA and Meaningful Use requirements for security program compliance. It strictly follows the HHS/OCR guidance for Security Risk Analysis and harnesses the power of the NIST security framework. This software helps organization identify threats and vulnerabilities, enables organizations to highlight security control deficiencies and automatically creates a list of prioritized security risks to drive informed risk management decisions.

Clearwater has been recognized for its methodology-, process-, thought- and software-leadership in the HIPAA compliance space, as a result of delivering smart technologies to guide, inform, track, improve and report the status of compliance programs. Clearwater consistently invests in research and product development to reflect the latest regulatory standards and industry best practices. In addition to the HIPAA Risk Analysis software, the company also offers software solutions for Privacy & Breach Notification Rule as well as Security Rule compliance assessment along with consulting services to complete these self-audits.

“Our software products offer living, breathing compliance solutions based strictly on the Privacy, Security and Breach Notification Rules, which means you can have faith the information and guidance you receive is accurate and complete and the approach is proven,” said Chaput. “This latest version of our Risk Analysis solution offers a valuable update for our current subscribers and a powerful tool for organizations who still need a robust tool to enable them to satisfy the specific requirements of the HIPAA Security Rule.”

The software is available on an annual subscription basis. Organizations that are interested in learning more about Clearwater’s industry-leading risk analysis software can access detailed information here. Reader's are also encouraged to download the Clearwater whitepaper entitled "Risky Business: How to Conduct a Bona Fide HIPAA Security Risk Analysis"

As an added benefit for subscribers, Clearwater Compliance continually monitors threats, vulnerabilities and modifications to NIST security controls and updates the risk analysis tool in real time to automatically reflect any changes in the threat-vulnerability-controls space. Subscribers have ongoing access to the risk analysis, its dashboards, reports and remediation planning to measure continued progress. Additionally, subscribers receive monthly updates on HIPAA-HITECH and have access to online support and vast privacy, security and data breach resources. The Clearwater HIPAA Risk Analysis™ can be used as frequently as an organization requires, as specified in the regulations, to ensure ongoing compliance and offers progress note and management capabilities to provide a secure repository for the organization’s HIPAA risk analysis profile.

# # #

About Clearwater Compliance
Clearwater Compliance, LLC, is all about and only about helping healthcare organizations and their service providers become and remain HIPAA-HITECH Compliant. Owned and operated by veteran, C-suite health care executives, Clearwater Compliance provides comprehensive, by-the-regs compliance software and tools, risk management solutions, training, and professional services for small medical practices and healthcare startups to major healthcare systems, health plans and Fortune 100 companies. Since 2010, the company has served more than 350 organizations. Find out more at

# # #

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Elaine Axum
Visit website