Most organizations recognize the need to receive reasonable assurance that their vendors are able to safeguard their PHI. However, the number of vendor assessments to be conducted continues to grow, with many prospective vendors in the pipeline and existing vendors that haven’t been reviewed in a number of years. All this comes in an environment where the risk and consequences of a breach of PHI are significant and severe.
CORL’s Vendor Security Risk Management service combines risk intelligence with responsibly shared input from the Healthcare Industry to help you manage vendor risk. CORL uses a four step approach that integrates easily into your organization's vendor risk management processes.
The traditional vendor security approach is typically a point-in-time review. This means that changes that occur in risk after the assessment is completed are usually not identified or addressed: