Vendor Risk Management Through Secured Access

Presented by

Vice President of Assurance Strategy & Community Development for HITRUST, Mike Parisi

About this talk

Healthcare relies heavily upon its business associates and third-party vendors to ensure seamless transactions, bolster care quality, and other processes. Covered entities employ systems to support access to data. In doing so, vendors actually increase risks to provider organizations when those access points and contractual relationships aren’t properly managed. As healthcare has continued to be a prime target for hackers, as well, the use of those digital environments needs to be protected to ensure providers aren’t exposing their organization to HIPAA compliance issues, security incidents, or even a breach of patient data (PHI). As the Vice President of Assurance Strategy & Community Development for HITRUST, Mike Parisi has extensive experience with third-party assurance reporting, such as HITRUST readiness and certification, Agreed Upon Procedure, and customized AT-101 engagements. He’s led more than 500 controls-related engagements, primarily in the health and financial service industries. During this presentation, Parisi outlines the challenges of vendor risk management, while focusing on the benefits and drawbacks of various identity access methods. He’ll also highlight the increasing need for vendor privileged access management. Learning Objectives: - Outlining the risks third-party vendors and business associates pose to health delivery organizations - Identifying best practices for successfully building and assessing vendor risk management - Detailing steps to implementing secure access for vendors, including contracting, privileged access management, and other security policies and tools

Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (62)
Subscribers (1786)
Over the past two decades, we have become the leading experts in critical access management for highly regulated enterprise organizations, technology vendors, healthcare providers, and more. Organizations of varying industries and needs continue to depend on SecureLink to secure access to their critical systems, data, IT and OT infrastructure, regulated information, and networks. Our value is more than world-class products — it’s our partnerships with every organization we work with. We understand technology, security, industries, and the vast cyber threats our customers face. We’re here to stand beside them and keep them secure.