Demo Request
X Close Search

How can we assist?

How health organizations can effectively manage third-party risk

How health organizations can effectively manage third-party risk

Stephen] Why is there so much interest in third-party risk management going into the year 2020?

[Jigar] There’s been a lot of incidents with regards to third parties, both directed third parties and other third parties, tertiary folks. And in the healthcare space, third parties are a critical avenue in the supply chain function, and they conduct a lot of business on behalf of hospital systems, both from a system perspective and from an IT perspective. Many rely on third parties for niche solutions, skills, etc. And they are important and critical cogs in processing of data. And every time there’s a breach, whether it’s one that you’re familiar with or a different one that you’re not using, it just escalates the need to make sure our critical third parties are secure, safe, and they have a plan for business continuity.

A lot of the third parties that I’ve seen in the paper recently, they are small organizations with no business continuity or disaster planning in place. So, if they have a virus, a ransomware attack, their systems go down and it impacts us because we’re using them for critical business operations, both from a hospital perspective and from an IT perspective.

[Stephen] What are some ways that the healthcare providers watching HIMSS TV can begin to better manage their third-party risk and to work with their third parties?

[Jigar] First things first, they have to have an inventory of their third parties. They need to determine which third parties are the most critical, prioritize those, and then go do some type of assessment to make sure their third party has the tools, processes, procedures in place, where you feel comfortable. Whether it’s a risk assessment or a feasibility analysis, something where you feel comfortable with them and you’re okay with whatever their approach is.

[Stephen] How does Censinet differ from other products on the market today? Like what’s unique about it?

[Ed]  Yes, we take a different approach fundamentally. So, we believe the way to solve the problem is to connect the providers, with their supply chain of vendors. And have that transaction done in real time versus sending out questionnaires via Excel spreadsheets or Word documents or PDFs. We believe doing that online and enabling the vendor to do the right thing and do it one time, but share those results and share the evidence with the provider community at any point in time, is the way to go. Both sides benefit.

The providers can get their assessments done in a much faster time. Where we’re seeing averages today, before Censinet, somewhere in the eight to twelve weeks, we’re getting assessments done in less than five days. Also the accuracy and the quality of the assessments is really important as well. And you’re able to actually store and maintain that evidence now based on the responses to the questionnaires. That also is invaluable. So, you can correlate the responses with the actual evidence that’s provided on behalf of that third-party vendor.

[Stephen] Why are healthcare providers using Censinet?

[Jigar] One, it’s healthcare provider-only. Two, a number of healthcare providers helped create it. And three, I don’t know if it’s healthcare providers or the healthcare industry, but there seems to be a lot of sharing, and we’re all facing the same issues as it relates to third parties.

[Stephen] How is Censinet helping these providers achieve their goals? What are the benefits?

[Jigar] A consolidated platform for workflow for third-party risk assessments, scoring data, vendors that proactively are a part of the system. If I’m going to use a vendor and they’re already part of Censinet, then I don’t have to redo all the work. That saves man-hours and time from my team as well as from the third party themselves.

[Stephen] What are your predictions in 2020 for the risk management space?

[Ed] I think this will be the year of risk management. I think more than ever, there’s a lot of investment being made in this space. There are a lot of new companies and a lot of new vendors coming at this problem, trying to solve the problem. Again, we think creating the collaborative risk network is the way to do that, and that’s Censinet’s approach. But there are other approaches too and some of them are pretty recent. And some of them, again, are based on these old assumptions that, you know, you can spend a year and wait until a reassessment is done.

We don’t believe that. We believe in the continuous monitoring and the reassessment of a vendor. We think that’s the way to do it, and we think also you get more coverage of your vendors across your supply chain by doing it that way.

Recent Posts

Censinet Announces New Webinar Series on HHS Cybersecurity Performance Goals to Facilitate Implementation, Compliance
Censinet Announces “Censinet Champions” Webinar Series to Showcase Success Stories, TPRM Transformation
Censinet Delivers New Product Support for NIST CSF 2.0 and HHS Cybersecurity Performance Goals
Censinet to Recognize Cybersecurity Transparent Healthcare Organizations at HIMSS 2024
Censinet, KLAS, and American Hospital Association, Publish the 2024 Healthcare Cybersecurity Benchmarking Study
Censinet Eliminates Security Questionnaires with Censinet Connect™ Copilot
Censinet Delivers Health Industry’s First Risk Register with Real-Time Enterprise and Ecosystem Orchestration
Censinet Announces Benchmarking Study Results, New Product Innovations, and Cybersecurity Awards at ViVE 2024 Conference

Categories

Slide 1

This is some text inside of a div block.
Text Link
Beckers Health IT logo

5 ways to reduce 3rd-party cybersecurity risks, per 18 experts

Healthcare information technology security leaders from across the country have shared insights with Becker's regarding the most important steps for hospitals and health systems to take in preventing increased cybersecurity risks when working with th

Read More >>
Fourth Party Risk

When Fourth Party Risk Becomes a First Party Nightmare

The MOVEit vulnerability is a critical security flaw in file transfer software that is widely used across multiple industries. This vulnerability was first disclosed in June 2023 and has since been exploited by threat actors to gain access to and con

Read More >>
Voice of the Assessor

Voice of the Assessor

Voice of the Risk Assessor

Read More >>
Censinet Risk Assessment Request Graphic

Censinet RiskOps™ Demo Request

Do you want to revolutionize the way your healthcare organization manages third-party and enterprise risk while also saving time, money, and increasing data security? It’s time for RiskOps.

Schedule Demo

Sign-up for the Censinet Newsletter!

Hear from the Censinet team on industry news, events, content, and 
engage with our thought leaders every month.

Censinet Logo
Third Party Risk
Enterprise Risk
Provider Solutions
Vendor Solutions
About
Terms of Use | Privacy Policy | Security Statement | Crafted on the Narrow Land