Health3PT recommends fixes for third-party risk management

The Health 3rd Party Trust Initiative has released a blueprint for third-party risk management that offers recommended best practices. The initiative aims to help healthcare organizations meet privacy and security requirements, as well as qualify for mitigation from penalties in the event of a third-party data breach. The initiative was prompted by outdated third-party risk management approaches and the high number of healthcare organizations experiencing third-party breaches. The recommended practices include concise contract language, risk tiering strategies, and consistent vendor assurances.