Nation's Health CISOs Take Lead to Manage Third-Party Risk - InsuranceNewsNet

InsuranceNewsNet

Sign in
  • Subscribe
  • About
  • Advertise
  • Contact
Home Now reading newswires
Topics
  • Life Insurance
  • Annuity News
  • Health/Employee Benefits
  • Property & Casualty
  • Advisor News
  • Washington Wire
  • Fiduciary Rule
  • INN Exclusives
  • Newswires
  • INNsider
  • INN Exclusives
  • NewsWires
  • Magazine
Sign in or register to be an INNsider.
  • INN Exclusives
  • NewsWires
  • ★ Regulation News
  • Podcast
  • Magazine
  • About
  • Advertise
  • Editorial Staff
  • Contact
  • Susbcribe

Get Social

  • Facebook
  • Twitter
  • LinkedIn
  • Google+
Insider
newswires
newswires RSS Get our newsletter
Order Prints Share
September 7, 2018 newswires No comments Views: 41

Nation’s Health CISOs Take Lead to Manage Third-Party Risk

Computer Weekly News

By a News Reporter-Staff News Editor at Computer Weekly News -- Prominent Chief Information Security Officers (CISOs) from leading health systems and providers throughout the country have come together to establish the Provider Third Party Risk Management Council to develop, recommend and promote a series of practices to effectively manage their information security-related risks in their supply chain and to safeguard patient safety and information.

Members of the Council observed their supply chains are filled with third parties who support the care delivery process and require access to patient information. Properly vetting and monitoring these third parties is a major challenge, and in some cases, insurmountable for many organizations who simply don't have the expertise or resources. Through innovation and industry leadership, the Provider Third Party Risk Management Council are developing common vetting and oversight practices that will benefit health systems, hospitals and other providers in the United States and around the world.

"Health systems and other providers need to be more active in assessing and monitoring risks posed by third parties to protect patient information while delivering effective care," says Taylor Lehmann, CISO of Wellforce, parent organization of a health system that includes Tufts Medical Center and Floating Hospital for Children. "The primary challenge is organizations can engage with vendors of various sizes, maturity and complexity without really knowing whether the vendor should be engaged in the first place based on their beliefs and investment in cybersecurity."

Lehmann says third parties may have a small number of customers or possibly hundreds or thousands to serve. For third parties, this challenge has resulted in lost time and resources in attempting to comply with each organization's risk management requirements and ensure efficiency for both parties.

The council is working with the HITRUST CSF® and its assurance programs for this initiative to better manage risk. The organizations on the council have each independently decided to require their third-party vendors to become HITRUST CSF Certified within the next 24 months. The HITRUST CSF Certification will serve as their standard for third parties providing services that require access to patient or sensitive information and will be accepted by all the council's organizations. The HITRUST CSF Assurance Program is already the most widely adopted assessment approach used by healthcare organizations and used by third parties to evaluate and communicate their information privacy and security posture. HITRUST will continue to work closely with council members and their organizations to ensure its programs are the hallmark for the industry.

"Our patients expect us to not only deliver robust healthcare to keep them healthy, but also to preserve the trust they have in us by safeguarding their sensitive data. When our patients' sensitive data is shared with our third parties, it's important that we have adequate controls in place. By aligning our third parties' controls to HITRUST CSF, a leading industry framework that evolves with the changing cyber landscape, our customers feel more confident their sensitive data is in good hands," says Omar Khawaja, VP and CISO, Allegheny Health Network and Highmark Health. Goal of the Provider Third-Party Risk Management Council The Provider Third Party Risk Management Council* recognizes that a more efficient approach to third-party assurance is necessary and strives to improve how the industry approaches assessing, monitoring, and responding to risks posed by third parties. By choosing to adopt a single comprehensive assessment and certification program, healthcare organizations represented by the council are prioritizing the safety, care, and privacy of their patients by providing clarity and adopting best practices that their vendors can also adopt, while providing vendors the expectation of what it takes to do business with their organizations.

"We believe the healthcare industry as a whole, our organizations and our third parties will benefit from a common set of information security requirements with a standardized assessment and reporting process," says John Houston, Vice President, Privacy and Information Security & Associate Counsel, UPMC. "We are strongly encouraging other provider organizations to follow suit and adopt these principles."

Council member organizations have each announced they will accept HITRUST CSF Certification in lieu of a separate assessment, questionnaire, audit or certification report.

Keywords for this news article include: HITRUST, United States, Information Technology, Information and Data Security.

Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2018, NewsRx LLC

Older

Recent Findings from Diagnostica Stago Advance Knowledge in Health Insurance (Environmentally Overburdened Gulf State Residents Lack Access to…

Newer

Findings from Qufu Normal University Provide New Insights into Insurance Economics (Optimal reinsurance under risk and uncertainty on Orlicz hearts)

Advisor News

  • Baby Boomers Flocking To A Mexican Retirement
  • Retired Massachusetts Landscaper Scammed Out Of $100K, State Says
  • MDRT Study Finds Consumers Want Advisors Over Tech
  • Your Clients Should Plan Retirement Savings To Last 23 Years
  • Robert Moore Steps Down As CEO Of Cetera, Due To Health Reasons
More Advisor News

Annuity News

  • Arizona The Latest State To Attempt An Annuity Sales Rule
  • Nick Lane Assumes Role As President Of AXA Equitable Life
  • Annuity Sales Spiked 14 Percent In 2018, No Slowdown In Sight
  • Speak Out: NAIC Gets Plenty Of Advice On Annuity Sales Rule
  • Lincoln Financial Introduces Annuity Designed For Retirement Rollover Dollars
More Annuity News

Health/Employee Benefits

  • Kansas GOP Pushes For Cheaper Health Plans That May Not Cover Pre-Existing Conditions
  • A Tax Penalty Could Help Shore Up Obamacare In California
  • Government Headed For Close To Half The Nation’s Health Tab
  • National Health Expenditures To Hit $6T By 2027, CMS Predicts
  • Florida Governor Wants To Import Drugs From Canada
More Health/Employee Benefits

Life Insurance

  • Family Turns To Crowdfunding To Pay For Loved One’s Funeral
  • AM Best Upgrades Issuer Credit Rating Outlook For Principal Financial
  • AIG Sets New Term Life Insurance Rates
  • Northwestern Mutual Reports Strong 2018 Financial Results
  • Florida Police: Niece Steals $188,000, Life Insurance, From Aunt
Sponsor
More Life Insurance

Sign up for our FREE e-Newsletter!

Get breaking news, exclusive stories, and money- making insights straight into your inbox.
select Newsletter Options

Most Popular

  • Annuity Sales Spiked 14 Percent In 2018, No Slowdown In Sight
  • Arizona The Latest State To Attempt An Annuity Sales Rule
  • Private Equity Targets Insurance Agencies For M&A Activity
  • Medicare For All, Single-Payer Will Be Discussed At NAHU Conference
  • Understanding The Benefits Of Whole Life Insurance

Featured Offers

Text Ads

Press ReleasesAll press releases

  • LegacyShield® Launches MyTax, An Integrated Solution for Simplified, Professionally Prepared, Tax Returns
  • Nassau Re Launches Insurtech Incubator Will Give Space and Support to Startups in Hartford
  • Peerfit Prepares for Medicare Expansion with Peerfit Move, Recruits Industry Veteran
  • Great American’s Annuity Customers Share Their Secrets to a Great Retirement
  • Securian Financial Introduces Affordable, Protection-Focused IUL with No-Lapse Guarantee
Add your Press Release >

Topics

  • Life Insurance
  • Annuity News
  • Health/Employee Benefits
  • Property and Casualty News
  • Advisor News
  • Washington Wire
  • Regulation

Top Sections

  • INN Exclusives
  • INN Insider

Our Company

  • About
  • Editorial Staff
  • Advertise
  • Contact

Sign up for our FREE e-Newsletter!

Get breaking news, exclusive stories, and money- making insights straight into your inbox.

select Newsletter Options
Facebook Linkedin Twitter Google+
© 2019 InsuranceNewsNet.com, Inc. All rights reserved.
  • Terms & Conditions
  • Privacy Policy
  • Sitemap
  • AdvisorNews

Sign in with your INNsider Account

Not registered? Become an INNsider.