AHA Endorsement:

Health Care Information Privacy, Security, Compliance & Risk Management

“We chose Clearwater because they are a front runner in consulting [in] this area. And, they also have developed Risk Analysis software to help you meet the Meaningful Use criteria and qualify for incentives. Clearwater … train[ed] us on the application [so] we may perform audits and assessments at any time." – Wayne Richmond, Data Security Officer, Princeton Community Hospital

The passage of the HITECH Act, the publication of the Final HIPAA Omnibus Rule and the movement to the use of electronic health records and health information exchange have made information risk management and compliance efforts a critical issue for health care providers. Hospitals and health care systems now need to take the necessary steps to ensure they and their business associates are doing everything they can to keep protected health information (PHI) safe.

By expanding the focus of their risk management to the inherent risks to the privacy and security of their patient information, hospitals can not only avoid costs associated with data breaches and penalties for non-compliance, but even more importantly, improve patient safety and quality of care.

Why We Endorse Health Care Information Privacy, Security, Compliance and Risk Management Solutions from Clearwater Compliance

The proprietary AHA Signature Due Diligence Process™ selected Clearwater Compliance’s Health Care Information Privacy, Security, Compliance and Risk Management Solutions for their excellence in enabling health care organizations and their business associates to protect patient information by helping them establish, implement and mature their information risk management programs.

A number of factors led the AHA to award its endorsement to Clearwater’s information risk management solutions. Clearwater Compliance’s:

  • Software-as-a-Service (SaaS) model equips organizations to operationalize their compliance and information risk management program in order to make sound decisions on an ongoing basis.
  • By-the-Regs tools and methodologies rigorously follow the regulations and all relevant HHS/OCR guidance, including the underlying National Institute of Standards and Technology (NIST) security framework, upon which the HIPAA Security Rule is based.
  • Education and software training enable hospitals to become self-sufficient in maintaining their compliance programs and managing risks to their information.
  • Sole focus is on health care. The team includes veteran health care executives and privacy and security professionals with extensive experience in information risk management, HIPAA, HITECH and other health care regulatory areas.


Clearwater’s AHA Endorsed solutions guide organizations in understanding the regulations, identifying compliance gaps and taking the right steps to address risks through compliance assessment, risk analysis and risk response software; technical tools; professional and advisory services; education; and training.

The resulting improved risk management can help hospitals avoid costs associated with data breaches and noncompliance penalties ensure greater patient safety, improve the quality of care they deliver and uphold their positive reputations in their communities.