Hospitals are paying for not vetting their vendors

A new study from the Ponemon Institute reveals that healthcare organizations are not effectively managing the risks associated with third-party vendors, leading to increased fines and investigations. The average hospital has relationships with over 1,300 vendors, but most do not review their security practices annually. Additionally, many organizations are still relying on manual processes, rather than automating tools, to assess vendors. This lack of diligence has resulted in an average cost of $2.9 million per data breach. Healthcare providers need a better approach to third-party risk management.