Here’s a grassroots way to rethink security when working with cloud vendors

A new nonprofit called the Provider Third-Party Risk Management Council, spearheaded by top security executives from UPMC, Highmark Health, and Wellforce, aims to simplify the process of evaluating cloud vendors for hospital security and legal teams. The council has committed to eliminating their own questions and requirements if a cloud vendor earns HITRUST certification, which will allow for more meaningful conversations about product safety and use. Over 60 organizations have already joined the council, including Mayo Clinic, Cleveland Clinic, and Vanderbilt University Medical Center.