Demo Request
X Close Search

How can we assist?

Case Study

How Tower Health Transformed Third-Party Risk Management (TPRM) with Censinet RiskOps™

Download PDF

Key Challenges

Relying 100% on spreadsheets and manual processes, Tower Health faced significant challenges managing third-party risk (TPRM). This “broken and inefficient” approach drove persistent frustrations and severely limited the volume of third-party risk assessments that could be completed each year – with no time for reassessments. Tower Health’s TPRM program was characterized by:

  • High resource intensity: Tower’s TPRM program required up to 5 FTEs, all working below “top of license” on mostly manual tasks.
  • Slow throughput: Each assessment took 5-6 weeks, driven by slow vendor response times, long email chains, and manual internal review.
  • Poor risk visibility: Little actionable insight into each vendor’s risk profile or the organization’s overall third-party risk posture.

Decision Process

Tower Health sought out a better approach and evaluated four different TPRM solutions against the following key criteria:

  • Flexible: Questionnaires must automatically adjust based on the vendor’s size and criticality.
  • Standardized: Questionnaires must be standardized, but allow for custom questions, if needed.
  • Insightful: Must answer CISO’s targeted risk questions. (e.g., Which vendors don’t meet our access standards?)
  • Affordable: Must meet budget constraints and incentivize unlimited assessments.

Why Censinet

Censinet met all of the requirements above and addressed Tower Health’s specific TPRM needs, including:

  • Vendor Community Buy-In: Censinet’s questionnaires are well-received by vendors, speeding up response times to a single day or even a single click.
  • Automated Corrective Action Plans (CAPs): Censinet automatically generates corrective actions based on questionnaire responses, helping Tower quickly identify and prioritize the most critical risks.
  • Responsive Support and Innovation: Censinet’s Customer Success team is highly responsive and actively seeks out continuous improvement based on Tower’s feedback.

Check mark icon

Check mark icon

Check mark icon

Check mark icon

Check mark icon

Check mark icon

About Tower Health

Tower Health is a regional integrated healthcare system in Pennsylvania that offers compassionate, high-quality, leading-edge healthcare and wellness services to communities in Berks, Chester, Montgomery, and Philadelphia Counties. With approximately 11,500 employees, Tower Health consists of Reading Hospital, Phoenixville Hospital, Pottstown Hospital, and St. Christopher’s Hospital for Children in Philadelphia, in partnership with Drexel University.

Terry Grogan, MIS, CISM, Chief Information Security Officer at Tower Health
Terry Grogan, MIS, CISM
Chief Information Security Officer
Chief Information Security Officer

Censinet Impact on TPRM Program

Before Censinet

  • 5-6 weeks to complete an assessment
  • Up to 5 FTEs working on assessments
  • Small number of assessments completed
  • Zero reassessments performed
  • Slow vendor response time
  • Poor third-party risk visibility

After Censinet

  • Less than 1 week to complete risk assessments
  • 2 FTEs for risk assessments (3 redeployed)
  • 3x increase in assessment productivity
  • Performing reassessments regularly
  • Same day responses from vendors
  • Actionable insight into key risk areas

About Tower Health

Tower Health is a regional integrated healthcare system in Pennsylvania that offers compassionate, high-quality, leading-edge healthcare and wellness services to communities in Berks, Chester, Montgomery, and Philadelphia Counties. With approximately 11,500 employees, Tower Health consists of Reading Hospital, Phoenixville Hospital, Pottstown Hospital, and St. Christopher’s Hospital for Children in Philadelphia, in partnership with Drexel University.

Terry Grogan, MIS, CISM, Chief Information Security Officer at Tower Health
Terry Grogan, MIS, CISM
Chief Information Security Officer
Chief Information Security Officer

About Tower Health

Tower Health is a regional integrated healthcare system in Pennsylvania that offers compassionate, high-quality, leading-edge healthcare and wellness services to communities in Berks, Chester, Montgomery, and Philadelphia Counties. With approximately 11,500 employees, Tower Health consists of Reading Hospital, Phoenixville Hospital, Pottstown Hospital, and St. Christopher’s Hospital for Children in Philadelphia, in partnership with Drexel University.

Terry Grogan, MIS, CISM, Chief Information Security Officer at Tower Health
Terry Grogan, MIS, CISM
Chief Information Security Officer
Chief Information Security Officer
On the Impact of RiskOps:

Conclusion

Censinet RiskOps™ transformed how Tower Health manages third-party risk, turning a “broken and inefficient” process into a streamlined, effective, and strategic function. If interested in hearing more about Tower Health’s experience with Censinet RiskOps™, or how Censinet can help transform your TPRM program, please contact us.

Contact CensinetContact Censinet
Collage featuring a woman working on a laptop computer, and a doctor reviewing a screen filled with patient data

Sign-up for the Censinet Newsletter!

Hear from the Censinet team on industry news, events, content, and 
engage with our thought leaders every month.

Terms of Use | Privacy Policy | Security Statement | Crafted on the Narrow Land