This month, we begin with a word of thanks to those who shared their feedback and helped Clearwater gain recognition as the top-rated Compliance and Risk Management solution provider in Black Book Market Research's annual survey of healthcare providers again this year. Cyber risk management is the main focus of this month's newsletter as we reflect on the state of the industry, highlight a new book written to help senior leaders and board members better support Enterprise Cyber Risk Management programs, and look forward to the opportunity to share further perspective on the subject during next week's Healthcare Security Forum, a HIMSS virtual event. You can find information about other upcoming educational events and our round-up of noteworthy articles here as well.
Our best wishes to you and yours for a peaceful and happy holiday season. Please reach out to us with your questions and concerns at info@clearwatercompliance.com.
-The Clearwater Team
Advancing Cyber Risk Management in Our Nation's Hospitals
Rather than invest in risk analysis and risk management processes, many healthcare organizations rely on high-level control checklists to evaluate the effectiveness of their security program. Checking boxes, rather than evaluating whether those controls are sufficient to reduce each organizations’ risks to sufficient levels, may provide a false sense of security.
Other organizations that do assess risks, may not do so for all of their information systems, or all of their components. As a result, important risks may be missed, and security investments may be misdirected rather than optimized to ensure that they reduce as much risk as possible.
Failure to conduct enterprise-wide risk analysis can leave gaping vulnerabilities exposed. Without compensating controls, cyberattacks can easily exploit these vulnerabilities, as we have witnessed time and again.
Now available for purchase, Stop the Cyber Bleeding is a business book about Enterprise Cyber Risk Management (ECRM), because ECRM is a business matter. Creating an ECRM program requires the leadership of C-suite executives and the oversight of the board. ECRM is not an “IT problem”; furthermore, handled properly, it can become a business enabler.
To be successful at leveraging ECRM to be a business enabler, the C-suite and board must engage. Yet, many are uncertain how to do so. This new book shares what Clearwater Founder and Executive Chairman Bob Chaput has learned over the course of his nearly 40-year career in healthcare IT, security, and compliance and provides tangible, actionable guidance, and recommendations on how to establish, implement, and mature a formal ECRM program.
See below for a list of upcoming virtual educational sessions designed to provide clarity on key risk and compliance challenges and opportunities facing healthcare organizations. Click the image to learn more about a particular event.
If the time we have scheduled is not convenient with your schedule, register anyway and we will be sure to send you the webinar recording.
Visit our library of On-Demand Webinars for a wealth of additional content you can review at your convenience.
FEATURED WEB EVENT | DECEMBER 8, 2020
If you are attending next week's Healthcare Security Forum, be sure to join the session Advancing Cyber Risk Management in Healthcare and interact with our CEO Steve Cagle. During this session, we will discuss how leading IDNs, hospitals, and other providers have gone beyond control checklists and built true cyber risk management programs.