Clearwater’s IRM|Analysis™ Software Helps Healthcare Organizations Assess and Respond to New Cyber Risks Driven by Remote Workforce


Purpose-Built Software Provides Means for Information Security Teams
to Quickly Identify Vulnerabilities Present in a Work-From-Home Environment

NASHVILLE, TN (March 23, 2020) – As cyberattacks surge during the COVID-19 crisis and information security teams at healthcare providers and their vendors work to manage new vulnerabilities and threats borne from the rapid transition to a remote workforce, Clearwater’s IRM|Analysis™ software is helping more than 400 healthcare customers rapidly identify, prioritize, and respond to cyber risks on an enterprise scale.

Designed to facilitate a consistent, information system-focused risk analysis, the software provides the means to assess risk scenarios presented in a work-from-home environment. Using IRM|Analysis, healthcare organizations can re-evaluate the controls that are in place to mitigate the likelihood of a threat exploiting a vulnerability that may exist within information system components that are now in use by remote workers.

Risk scenarios embedded within IRM|Analysis include:

  • The Inability to Adequately Respond to Disaster – Lack of Contingency Planning Risk Scenario for the Security and Governance Component
  • The Improper Disclosure or Use of Sensitive Data – Insufficient Personnel Training Risk Scenario for all Internal and External User Components
  • Multiple Scenarios related to any device furnished by the organization to its staff for use at home, such as laptops and cellphones
  • Multiple Scenarios pertaining to whatever External Network Component is used by the organization to provide remote access to internal organizational systems
  • Multiple Scenarios for any Application or Software-as-a-Service Component used by the organization for email, to store or exchange files remotely (e.g. DropBox, Google Drive, Microsoft OneDrive, etc.), exchange text messages (e.g. Skype, Microsoft Teams, Facebook Messenger, etc.), or conduct remote meetings (e.g. Zoom, GoToMeeting, Webex, etc.)

Upon identifying risks, customers can prioritize any risks above their risk threshold and determine whether to accept, transfer, avoid, or mitigate the risk. In cases where organizations decide to implement additional security measures to reduce risk, Clearwater is making its expert Consulting team available to customers at no charge – as capacity permits – to help them thoughtfully consider which risk scenarios they should assess and provide consultation on available options that can be implemented both quickly and in the context of a work-at-home environment.

“When our healthcare organizations are already under stress, it is even more important that we keep our systems up and healthcare information flowing,” said Clearwater CEO Steve Cagle. “It is unfortunate that at a time like this we need to worry even more about bad actors who might put patient lives in danger with a ransomware attack or attempt to steal sensitive patient data. Trying times can bring out the worst in people, but they can also bring out the best. Clearwater is proud to be playing a small role in helping our healthcare heroes maintain a strong cybersecurity posture while they work to meet patient and community needs.”

To learn more about IRM|Analysis, join our live web demonstration of the software this Wednesday, March 25, at 11am CST. You can register for the webinar at https://clearwatercompliance.com/irmpro/irmanalysis/.

About Clearwater

Clearwater is the leading provider of Enterprise Cyber Risk Management and HIPAA compliance software and consulting services for the healthcare industry. Our solutions enable organizations to gain enterprise-wide visibility into cybersecurity risks and more effectively prioritize and manage them, ensuring compliance with industry regulations. Clearwater’s suite of IRM|Pro® software products and consulting services help healthcare organizations to avoid preventable breaches, protect patients and their data, and meet OCR’s expectations, while optimizing cybersecurity investments. More than 400 healthcare organizations, including 64 of the nation’s largest health systems and a large universe of business associates that serve the industry, trust Clearwater to meet their information security needs. For more information about Clearwater, please visit www.clearwatercompliance.com.