Demo Request
X Close Search

How can we assist?

Third-Party Risk Costs the Healthcare Industry $23.7 Billion a Year

Censinet Logo

Censinet was founded on the promise of improving third-party risk management processes for healthcare providers – procedures that are constantly failing both systems and patients. As a society not only have we lacked the ability to adequately assess and understand the risks that third-party vendors pose, but it has also become an incredibly costly burden to healthcare providers largely due to manual processes that create vast hidden costs as well as the increased proliferation of cloud applications and connected medical devices.

To understand the magnitude of the issue, Censinet and the Ponemon Institute teamed up to conduct a survey of 554 healthcare IT and security professionals who are involved in managing their organizations’ third-party healthcare vendor risk management programs and, as expected, the results were disconcerting. Among other data, the study shows a gap of 2.5 times between what third-party vendors budget versus what is actually required to help them keep pace with the growth of cyber threats and vulnerabilities.

Reliance on inefficient third-party vendor risk management processes and the inability to automate risk assessments and remediation has created an environment where third-party vendor breaches are commonplace and expensive. Findings of particulate interest include:

  • 72 percent of respondents believe the
    increasing reliance upon third-party medical devices connected to the internet
    is risky
  • 68 percent say moving to the cloud while connecting medical devices to the internet creates significant cyber risk exposure
  • Two out of three respondents believe that current manual risk management processes cannot keep pace with cyber threats and vulnerabilities
  • 63 percent believe they cannot keep pace with the proliferation of digital applications and devices

The research also uncovered that there are significant, additional hidden costs associated with data breaches – including the involvement of information security and risk staff, supply chain managers, clinicians, and line of business managers – which increase that number by 10x to 5,040 hours per month that healthcare providers spend managing third-party vendor risk. All told, that amounts to nearly $4 million per year per healthcare provider spent on third-party risk management solutions, at a total cost of almost $24 billion across the industry.

For those interested in a closer look at the findings, Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, and myself present the research data and discuss vendor risk management best practices for healthcare providers in our webinar on demand, The Economic Impact of Third-Party Risk Management in Healthcare: Ponemon Research.

For more information or to download the full report please visit: https://censinet.com/ponemon-research-report-the-economic-impact-of-third-party-risk-management-in-healthcare/

Recent Posts

Censinet Announces New Webinar Series on HHS Cybersecurity Performance Goals to Facilitate Implementation, Compliance
Censinet Announces “Censinet Champions” Webinar Series to Showcase Success Stories, TPRM Transformation
Censinet Delivers New Product Support for NIST CSF 2.0 and HHS Cybersecurity Performance Goals
Censinet to Recognize Cybersecurity Transparent Healthcare Organizations at HIMSS 2024
Censinet, KLAS, and American Hospital Association, Publish the 2024 Healthcare Cybersecurity Benchmarking Study
Censinet Eliminates Security Questionnaires with Censinet Connect™ Copilot
Censinet Delivers Health Industry’s First Risk Register with Real-Time Enterprise and Ecosystem Orchestration
Censinet Announces Benchmarking Study Results, New Product Innovations, and Cybersecurity Awards at ViVE 2024 Conference

Categories

Slide 1

This is some text inside of a div block.
Text Link
Beckers Health IT logo

5 ways to reduce 3rd-party cybersecurity risks, per 18 experts

Healthcare information technology security leaders from across the country have shared insights with Becker's regarding the most important steps for hospitals and health systems to take in preventing increased cybersecurity risks when working with th

Read More >>
Fourth Party Risk

When Fourth Party Risk Becomes a First Party Nightmare

The MOVEit vulnerability is a critical security flaw in file transfer software that is widely used across multiple industries. This vulnerability was first disclosed in June 2023 and has since been exploited by threat actors to gain access to and con

Read More >>
Voice of the Assessor

Voice of the Assessor

Voice of the Risk Assessor

Read More >>
Censinet Risk Assessment Request Graphic

Censinet RiskOps™ Demo Request

Do you want to revolutionize the way your healthcare organization manages third-party and enterprise risk while also saving time, money, and increasing data security? It’s time for RiskOps.

Schedule Demo

Sign-up for the Censinet Newsletter!

Hear from the Censinet team on industry news, events, content, and 
engage with our thought leaders every month.

Censinet Logo
Third Party Risk
Enterprise Risk
Provider Solutions
Vendor Solutions
About
Terms of Use | Privacy Policy | Security Statement | Crafted on the Narrow Land