Third-party vendor risk guidance from Renown Health’s CISO

Bill Siwicki November 21, 2022

Data breaches in all sectors, especially healthcare, are increasing due to third-party entities entering networks. The sensitive data and reliance on third-party vendors make healthcare organizations particularly vulnerable. Renown Health’s CISO, Steven Ramirez, explains that vendors’ lack of oversight and outsourcing contribute to the risk. To mitigate this, Ramirez recommends a three-pronged strategy of vetting vendors, monitoring access, and detecting anomalies. He also suggests best practices such as understanding vendor activities, conducting security assessments, and minimizing access. (Words: 99)