A medical device manufacturer exposes the personal and medical records of 277,000 patients contained in emails archived by a third-party vendor during a routine server migration. The personal information of 45,000 patients at a healthcare provider are exposed through an improper disclosure of a file by a third-party vendor. The medical records of potentially millions of patients are exposed due to an unsecured fax server at a third-party vendor.
These data breaches have one thing in common: they were all caused by third-party vendors and could have been mitigated with proper risk management controls. However, most risk today is managed using ad-hoc, manual processes and antiquated tools. Unfortunately, security and privacy of patient medical records, HIPAA noncompliance and potential financial losses are just a few of the problems caused by these insufficient approaches to third-party vendor risk management.
In this white paper, we will look at the problems in current healthcare third-party vendor risk management and explore how a collaborative cloud platform can significantly change the way healthcare CIOs and CISOs manage their third-party vendor risk.