home_banner `

Content Icon

58% of Health Care Organizations Don’t Require Vendor Security Certifications

October 11, 2018 | Content Aggregator - Single Slide | Vendor and Partner Management

Security certifications provide third party validation of security practices. Only 42 percent of health care organizations hold the security certification of their software vendors. A larger percentage, 58 percent of organizations, are not holding vendors accountable for meeting minimum acceptable security standards.


Already a client?

Log In to Continue

Not a client?

Request More Information

Related Research

Red-Flag Vendor Usage of PII During Assessments

A red flag approach can greatly speed up vendor assessments, while ensuring that critical issues are uncovered and addressed. In this Ask-an-Expert written response, IANS Faculty Josh More details the best questions for flagging vendors that transmit, process or store personally identifiable information (PII). 

Best Practices for Handling Third-Party Contractors

Third-party contractors can present a host of risks to an organization. In this Ask-an-Expert written response, IANS Faculty Josh More details a three-part process to help ensure such risks are reduced to acceptable levels.

Due Diligence Questionnaire

This questionnaire is used during the due diligence phase of the third-party risk management process. It is developed based on the security and financial risks identified and quantified in the initial risk assessment, completed by vendors and then numerically scored by the third-party risk assessment team.