Home » CTEK in the News » Health Providers Spend $3.8M on Third-Party Vendor Risk Management

× Share this Article

Facebook
Twitter
Email
LinkedIn

Health Providers Spend $3.8M on Third-Party Vendor Risk Management

July 17, 2019 Mayuri Kumar

Share this Article
Facebook
Twitter
Email
LinkedIn

The hidden costs of third-party vendor risk management are about $3.8 million per provider annually, given the sector’s struggles to properly assess and remediate vendor risk, according to a new report from Ponemon Institute and Censinet, which sponsored the report.

Ponemon researchers surveyed 554 IT and IT security leaders from the healthcare sector tasked with third-party vendor management. They found that, overall, the sector is struggling to prevent and mitigate vendor risk or vendor-related breaches, which is causing an economic impact given the increase in the Department of Health and Human Services fines and investigations.

Read the full article here.

Phishing Attack on California Vendor Breaches Data of 14,500 Patients

Open Source Genomic Analysis Software Flaw Patched

Genomics researchers use open source software for "personalized medicine" projects that involve using a pat...

Most Recent Articles

Victim Count in Magellan Ransomware Incident Soars

David Finn discusses the risks faced by interconnected organizations in the healthcare sector and how the number of people affected by the April ransomware attack on Magellan Health continues to grow.

Data Breach Settlement Has an Unusual Provision

David Holtzman discusses the preliminary settlement of a class action data breach lawsuit against Iowa Health System (a.k.a UnityPoint Health).

Breach Notification Delay: A Step-by-Step Timeline

Why are some breach notifications delayed for months? David Bailey discusses the statement made by Choice Health Management Services which issued a step-by-step explanation on breach notifications.

The future of medical appointments will be remote. Here's how hospitals are making the transition and dodging new cyber threats, according t

In this recent Business Insider article, they discuss the future of medical appointments being remote and how hospitals are making the transition and dodging new cyber threats.

A Tale of 2 Health Data Breaches: Persistent Challenges

David Finn discusses two recent health data breaches that illustrate persistent security challenges – defending against ransomware attacks as well as unauthorized access to email.

Telehealth After COVID-19: Privacy, Security Considerations

What will happen after July 25th? The Federal government's recent policy changes for facilitating patient care during COVID-19 may have an impact on telehealth restrictions in the future.

Business Associate Incidents Added to Breach Tally

In the latest article by Healthcareinfosecurity.com David Holtzman discusses the major health data breaches that have been added to the federal tally in recent weeks.

The CyberWire Daily Podcast - Episode 952

Cyberwire’s latest podcast features Caleb Barlow as he discusses the challenges of securing medical records.

The CyberWire Daily Podcast - Episode 1075

Cyberwire’s latest podcast features Caleb Barlow as he discusses his responsibilities during an incident from the SOC operator to the CEO.

Lawsuit Filed Against Accounting Firm in Patient Data Hack

In the latest article by Healthcareinfosecurity.com David Holtzman discusses the class action lawsuit filed against accounting firm BST & Co. CPAs LLC that allegedly exposed patient information.

The CyberWire Daily Podcast - Episode 1108

Cyberwire’s latest podcast features Caleb Barlow as he discusses how hospital CISOs are dealing with the COVID-19 situation.

Telehealth App Breach Spotlights Privacy, Security Risks

A software error that briefly allowed individuals to access other patients' telehealth appointment recordings serves as a reminder of potential security.

Are Academic Healthcare Systems Top COVID-19 Attack Targets?

UCSF released a report that shows that academic healthcare systems and healthcare sector entities both have been favorite targets of hackers during the COVID-19 pandemic.

Healthcare groups report lowest monthly breaches since 2016

Healthcare providers, insurers, and business associates reported 16 data breaches to the federal government in May, the lowest number of data breaches reported in a single month in more than 4 years.

Marti Arvin, Adam Greene and Joan Podleski on COVID-19 Disclosure Issues [Podcast]

Marti Arvin joins The Compliance and Ethics Blog podcast with guests as they discuss questions around the coronavirus pandemic about what is and isn’t permissible.

Inside Job at Clinics: Mobile Phone Used for Fraud

David Holtzman, Executive Advisor at CTEK discusses with Healthcare Info Security on the potential risks posed by employees inappropriately using personal devices during COVID-19.

HHS's COVID-19 Response, Recovery Efforts to Be Scrutinized

David Holtzman, Executive Advisor at CynergisTek, contributes this article, which focuses on the HHS’s new strategic plan for its oversight of HHS COVID-19.

The CyberWire Daily Podcast - Episode 1093

Cyberwire’s latest podcast features Caleb Barlow as he discusses if GDPR may have unintended consequences for stopping COVID-19 scammers.

The CyberWire Daily Podcast - Episode 1085

Cyberwire’s latest podcast features Caleb Barlow as he discusses Alan Brunacini’s concept of an Incident Action Plan.

What To Do When Vendors Fail

David Holtzman Executive Advisor at CynergisTek contributes this article, which focuses on how healthcare providers deal with the security of their vendors, as well as HIPAA requirements/suggestions.

Return to Home

Insights Center

Health Providers Spend $3.8M on Third-Party Vendor Risk Management

Previous Article

Next Article