Healthcare Vendor Risk Management Programs Lagging, Says Study

[InfoSec News <alerts () infosecnews org>]

http://healthitsecurity.com/news/healthcare-vendor-risk-management-programs-lagging-says-study

By Elizabeth Snell
healthitsecurity.com
July 8, 2015

Healthcare vendor risk management programs can have a huge impact on a 
healthcare organization’s ability to keep sensitive data - such as patient 
PHI - secure. However, if a recent study is any indication, healthcare 
vendor risk management programs have room for improvement.

The 2015 Vendor Risk Management Benchmark Study, conducted by The Shared 
Assessments Program and Protiviti, found that vendor risk management 
programs within financial services organizations are more mature than 
companies in other industries, such as insurance and healthcare.

“Even the more optimistic assessments of the current state of vendor risk 
management indicate that significant improvements may be needed,” the 
report’s authors explained. “The time for progress and improvements in 
vendor risk management capabilities is now, particularly when considering 
that cyberattacks and other security incidents are very likely to continue 
increasing.”

The survey interviewed more than 460 executives and managers in various 
industries. Respondents were asked to rate their organization’s maturity 
level in different areas of vendor risk management on a 0 to 5 scale, with 
0 equal to “Do not perform” and 5 equal to “Continuous improvement - 
benchmarking, moving to best practices.”

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/