ClearDATA Comply™: Compliance Software and Services for Healthcare in the Cloud
Protect Your Cloud Environment with ClearDATA Comply
ClearDATA Comply is a multi-cloud healthcare compliance solution that alleviates the risk of non-compliance for standards such as HIPAA and GDPR, while also offering protection for your cloud environment. Our HIPAA compliance software and services are available across the three public clouds (AWS, Azure, and Google Cloud). Comply automatically configures services in a safe and compliant way, so you know the resources that your team spins up are secure and protected to process, transmit, or store sensitive data and/or PHI.
Comply comes with Automated Safeguards, which keep you protected throughout the lifecycle of your application. Comply also gives you visibility into your compliance status, as well as in-time and trend reporting, through our Compliance Dashboard.
Customer application teams can provision services directly from their cloud provider. Automated Safeguards check each action against specific controls and ensure that properly configured services are deployed. Whenever an Automated Safeguard detects a compliance drift at provisioning or when re-configuring a resource, the resource is either remediated or terminated if it can’t be remediated and does not hold any data.
Our interpretation of standards and certifications maps the appropriate technical controls to each regulation across different public cloud services. We enforce the controls with automation, giving you native access to the cloud with continuous compliance.
ClearDATA provides interpretation for a breadth of standards and certifications. The interpretation is then mapped to the appropriate control and applied for the different cloud services.
We have Automated Safeguards available for a variety of services across the three public clouds (AWS, Azure, and Google Cloud) providing automation for over 230 technical controls across 70 different services. With Automated Safeguards, you can keep your team focused on innovation for your organization, rather than spending time determining if you enabled encryption in transit on your storage service, for example.
The ClearDATA Compliance Dashboard can simplify the process of gathering artifacts and demonstrating your organization’s culture of continuous compliance, which includes IT elements such as virus scans, intrusion detection, logging, back-up, and encryption. Current scorecards and historical trending data by cloud service, regulatory framework, or geographic region make it easy to view your attainment of compliance objectives over time. Assets can also be grouped easily to represent a given application, team, or line of business.
Snapshot view of the Compliance Dashboard, which provides visibility of your compliance status across different regulations, as well as over time. All of these reports are available as a PDF download should you need to share this with a stakeholder.
Comply offers an Evaluation-Only mode, which performs evaluations of your existing environment, reports the compliance status, and exposes areas of vulnerabilities without automated safeguards & remediation enabled. With Evaluation-Only mode, you can choose your path to remediation via a self-driven prompted experience: whether it's to self-select which resources should have automated safeguards and remediation enabled, or opt to remain in Evaluation-Only mode and resolve identified vulnerabilities on your own--both of which provide additional flexibility for deployment within existing cloud environments, particularly those with strict management controls.
ClearDATA Comply Software with Managed Services
We have healthcare-specific expertise in managing our customers' cloud environments. From partnering with you to advise on cloud environment architecture and build that is compliant from day 1, to continuous compliance throughout the lifecycle of your application—backed by a team of cloud security and compliance experts—our focus is to keep you safe and secure. We offer two healthcare compliance software packages to best meet your needs which are all backed by our comprehensive BAA.
ClearDATA Comply Software Only
We understand that some organizations wish to manage their own cloud environment. ClearDATA Comply can also be used in a self-service fashion to provide Automated Safeguards and a Compliance Dashboard as HIPAA compliance software to help you adhere to healthcare regulations. If you already have a BAA with your Cloud provider, along with satisfying indemnification and liability protection, you may only need a 3rd party to evaluate, remediate, and document your compliance posture.