home_banner `

Content Icon

58% of Health Care Organizations Don’t Require Vendor Security Certifications

October 11, 2018 | Content Aggregator - Single Slide | Vendor and Partner Management

Security certifications provide third party validation of security practices. Only 42 percent of health care organizations hold the security certification of their software vendors. A larger percentage, 58 percent of organizations, are not holding vendors accountable for meeting minimum acceptable security standards.
IANS

 SUBSCRIPTION REQUIRED


Already a client?

Log In to Continue

Not a client?

Request More Information

Related Research

Due Diligence Questionnaire

This questionnaire is used during the due diligence phase of the third-party risk management process. It is developed based on the security and financial risks identified and quantified in the initial risk assessment, completed by vendors and then numerically scored by the third-party risk assessment team. 

Ask the Right Questions When Vetting Overseas Vendors

Many U.S. assumptions must be adjusted when assessing third parties overseas in areas like the EU, China, Russia or India. In this Ask-an-Expert written response, IANS Faculty Josh More explains the differences in terms of culture and expectations, and provides key questions to help assess overseas vendors appropriately. 

Subcontractor Breaches: Overview of Records Exposed by Industry

Third-party/subcontractor breaches released four times the number of exposed records compared to 2017 -- 4.8 million vs. 935,000. Medical subcontractors exposed the most records (2.8 million) in 2018 and saw the biggest jump.

Vendor Risk Management: How a Tagging Approach Helps Streamline and Improve the Process

Many vendor management programs today struggle with lengthy reviews, rising costs and increasing levels of uncertainty. In this report, IANS Faculty Josh More introduces the concept of tagging, a more flexible vendor assessment process designed to streamline and improve critical vendor management tasks, from classifying vendors to developing appropriate questionnaires.