The HIPAA Security Rule, as well as the National Institute of Standards and Technology (NIST) and other standards, stipulate that risk analysis and risk management should be continuous, and not performed at a single point in time. However, for various reasons, many healthcare organizations treat these key functions as a once and done process.
As described by NIST, “The objective is to institutionalize risk management into the day‐to‐day operations of organizations as a priority and an integral part of how organizations conduct operations in cyberspace — recognizing that this is essential in order to successfully carry out missions in threat‐laden operational environments.”
During this session, Clearwater CEO Steve Cagle and Head of Consulting Services Jon Moore will review a new managed service offering the company has developed to help healthcare providers build and operate a Cyber Risk Management program that is reasonable and appropriate for their needs, meets HIPAA Security Rule Risk Analysis, Risk Management, Technical and Non-Technical Evaluation requirements, and aided by the power of a purpose-built software tool, provides the ability to maintain and provide timely information on their unique risks for decision making within the organization.
Attendees will be asked to share their feedback on the Cyber Risk Management challenges their organization is facing and how effectively the offering addresses those challenges.

Steve Cagle,
Chief Executive Officer​,
Clearwater

Jon Moore MS, JD, HCISPP,
Chief Risk Officer | SVP Consulting Services,
Clearwater