Why Your Vendors Are Your Biggest HIPAA Privacy Risk

Presented by

Kathleen Randall, EVP North America CISSP, CISA, GSNA and Ben Dalton, Senior Technical Consultant

About this talk

In the past, healthcare organizations have paid lip service to HIPAA’s privacy requirements for third party vendors, or “business associates.” As data breaches and malware continue to cripple healthcare institutions, many are realizing that their weakest links may be out of their control and in their vendor’s hands. How can you be assured that your ePHI data is in safe hands? By asking the right questions. Industries like finance, insurance, energy have managed third party risk programs for years. In this webinar learn how industry best practices can be incorporated to not only meet HIPAA requirements but also give visibility to manage your external risk to your healthcare organization. The session will cover: • Managing the risk of your Business Associates (and the risk of their Business Associates) • Case Studies: Vendors as a common source of breaches • Before you sign off on the Business Associate Agreement, what you should be doing? • Work smarter, not harder: How to drive a cost-effective and OCR-compliant process.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (6)
Subscribers (701)
SureCloud is a true SaaS provider of Integrated Risk Management and Privacy Management solutions, purpose-built for the organization looking to get away from managing their compliance and risk programs with manual methods, spreadsheets and SharePoint. SureCloud drives teams to increase effectiveness, efficiency and collaboration through process automation, while providing management with maximum visibility through reports that offer peace-of-mind and enterprise risk awareness. The company has an extensive customer base spanning a variety of different industries and geographies. With that cross-industry expertise, SureCloud has created an out-of-the-box risk, compliance and privacy solution for healthcare payors, providers and healthcare vendors. If you have a small team, you may also benefit from SureCloud’s managed GRC service, which allows practitioners to focus on the analysis and high-value work, rather than worrying about system administration or configuration.