SHIELDS for Families
Learn how SHIELDS for Families successfully identified existing security and compliance gaps and prioritized a remediation plan.
“As a non-profit working with an under served population, we needed to find expert resources to respond quickly and effectively to the data requests and questions from OCR following the theft of a server. With Clearwater’s help, our response was timely, accurate and compelling. Bottom Line: No fines were assessed.”
-Chris Igonia-Mock, JD
Policy Analyst/HIPAA Compliance Officer
“Clearwater helped us fine-tune our policies and procedures, and to conduct a risk analysis to ensure other vulnerabilities would not easily be exploited.”
- Patrick Coffin
At a Glance:
- Incorporated in 1991, SHIELDS for Families is a community-based, non-profit 501(c)(3) organization serving families residing in South Los Angeles.
- SHIELDS currently employs over 380 full-time employees with an annual budget of over $28 million to serve 10,000 families annually in 39 programs.
- Reported a breach to OCR and six months later received an information request list.
- To respond to a detailed information request list from OCR regarding a breach
- To establish and declare the organization as a hybrid entity
- To identify any other security or compliance gaps that exist and prioritize a remediation plan
Clearwater Compliance Solutions:
- Developed content and organized information to reply to OCR’s requests through research and interviews
- Completed HIPAA risk analysis using Clearwater’s IRM|Analysis™ software
- Cross walked Policies and Procedures to the HIPAA regulations and provided recommendations and templates to strengthen
- Examined organizational structure and programs to define hybrid and HIPAA/ non-HIPAA components
RESULTS AND VALUE CREATED:
- No fines, penalties or corrective action plans were assessed by OCR for the breach
- Met the Security Rule requirement to conduct a comprehensive risk analysis and strengthened SHIELDS security program
- Established the organization as a hybrid and identified the HIPAA Healthcare Components
- Strengthened SHIELDS’ compliance program through updated policies and procedures, including incident response