Healthcare data breaches have attracted a lot of attention over the last few years, and more often than not, those breaches were performed by vendors. According to a latest study conducted by the Ponemon Institute, criminal attacks in healthcare are up 125 percent since 2010 and are now the leading cause of data breaches. It also points out that data breaches costs the healthcare industry $6 billion annually, and the average economic impact of data breaches per organization is $2,134,8001. The most important concerns over cyber security for healthcare providers and payers stem from external sources, making external attackers and vendors a top vulnerability.
Moreover, the richness and uniqueness of the information that health plans, doctors, hospitals, and other providers handle makes healthcare vulnerable to data breaches. Though healthcare organizations are investing time and effort to mature their vendor governance program, they have a long way to go to improve security measures and reduce risks.
With cyber-attacks via vendors becoming more prevalent, it’s time that healthcare payers and providers focus on building an effective vendor governance program. Though it is a challenge to manage the complex web of vendors, following key best practices, including a thorough risk assessment, due diligence and continuous monitoring of vendor performance, can go a long way in addressing this challenge.
Additionally, adopting a technology solution, allows healthcare providers and payers to further improve their vendor governance and develop effective vendor relationships that improve business relationships and performance.