Clearwater Introduces IRM|Performance to Power Cybersecurity Maturity and Resiliency

March 11, 2024

New software solution is purpose-built to help healthcare organizations gauge cybersecurity program performance against the proven standards of the NIST Cybersecurity Framework

ORLANDO, Fla., March 12, 2024 - Clearwater, the largest pure-play provider of cybersecurity and compliance solutions for the healthcare industry, announced today at the HIMSS Global Conference & Exposition a new addition to its proprietary SaaS platform, IRM|Pro. The solution, IRM|Performance, is a force-multiplying component of Clearwater's tech-enabled NIST CSF Maturity Assessment and equips healthcare executives with ongoing performance indicators, dashboards, and reporting related to their organization's cybersecurity program performance. IRM|Performacne enables healthcare organizations to measure their conformance relative to the NIST CSF – a healthcare industry standard – and the HHS Voluntary Cybersecurity Performance Goals, published earlier this year.

2024 has already seen some of the worst cyberattacks in healthcare history, with the recent Change Healthcare attack and the attack on Lurie Children's Hospital shortly before, which left the hospital's systems shut down for at least foue weeks. Healthcare CISOs, CIOs, and IT leaders tasked with protecting their patients, systems, and organizations face a difficult challenge against ruthless and elusive cyber criminals, but by using the NIST Cybersecurity Framework as a guidepost, they can draw upon proven standards and practices that have been developed to promote the protection of critical infrastructure.

Clearwater's IRM|Performance software and NIST CSF Maturity Assessment give healthcare leaders visibility into their current cybersecurity program performance and a means to communicate where they're headed as an organization and what they need to get there.

Designed to empower healthcare organizations to gauge the current state and demonstrate program maturation over time, IRM|Performance and the NIST CSF Maturity Assessment, delivered by Clearwater's dedicated healthcare cybersecurity experts, provide powerful insights into cybersecurity programs and show healthcare leaders a clear path to better cyber resiliency. Report outputs provide both operational reporting for IT and Security personnel and executive-level outputs appropriate for Risk Governance Committees and Boards of Directors.

IRM|Performance complements Clearwater's existing and field-proven IRM|Analysis module and accompanying Risk Analysis services. Performing an accurate and thorough analysis of vulnerabilities and risks for all systems with electronic protected information is a requirement of the HIPAA Security Rule. Clearwater's IRM|Analysis was purpose-built to meet the guidance and expectations of the Office for Civil Rights, which enforces HIPAA for the U.S. Department of Health & Human Services (HHS). Over the last decade, Clearwater's deliverables, performed with IRM|Analysis, have been accepted by OCR 100% of the time.

Combined in a single platform, IRM|Performance couples maturity assessments with risk analysis, amplifying the power of the platform to address today's more advanced security assessment and regulatory compliance demands.

"We've been helping healthcare leaders evaluate the performance of their cybersecurity programs against NIST CSF for a long time," says Clearwater's Chief Product Officer Jon Stone. "We developed IRM|Performance to take these assessments to the next level by incorporating the results into the IRM|Pro platform to be leveraged alongside the rest of an organization's cyber risk data and delivering the kind of dashboards and reporting that not only help tell the story of an organization's cybersecurity maturity but also give leaders a roadmap for continuously validating and improving their cybersecurity posture."

"These past few weeks have been brutal for healthcare organizations," Clearwater CEO Steve Cagle says. "When one organization falls victim to a cyberattack, the ripple effect can impact care delivery, employees, and patient safety throughout the industry. Clearwater is proud to deliver tech-enabled solutions and services to help organizations stand up to cyber threats and prevent successful attacks like those we've seen in the past few weeks. IRM|Performance and our NIST CSF Maturity Assessment are key to this level of cyber resiliency as they give leaders visibility into their current program performance and a means to communicate where they're headed as an organization and what they need to get there."

IRM|Performance is part of Clearwater's SaaS platform, IRM|Pro, built to help healthcare organizations solve their greatest cybersecurity and compliance challenges. From completing a thorough information asset-based risk analysis, meeting the requirements of HIPAA's Security and Privacy & Breach Notification Rules, and measuring performance against frameworks like 405(d) HICP and NIST CSF, each module helps identify exposures, manage and reduce the likelihood of a breach, save time and money, and meet compliance requirements by identifying the unique threats and vulnerabilities applicable to an organization.

Visit Clearwater in booth #1618 in the Cybersecurity Command Center at the HIMSS Global Conference & Exhibition to learn more about how the company is moving the healthcare industry to a more secure, compliant, and resilient state through a powerful combination of managed services, consulting, and software.