Category:
Information Protection; Access, Disclosure, Privacy and Security (for CEU certificate)

Presenters:
Barbara Carr
, , RHIA, Verisma Advisor, Former AVP of Health Information Management at Einstein Healthcare Network
Jim Staley, CISSP, Verisma’s Chief Information Security Officer

Presentation Content:
As healthcare providers continue to improve their own security, attackers are more frequently targeting third parties, vendors, and suppliers who provide services to healthcare companies. To make matters worse, they are also attacking not only your vendors, but also your vendor’s vendors! The idea that “you’re only as strong as the weakest link in the chain” has never been more true.

In this presentation you will hear from Verisma’s Chief Information Security Officer as he will share his risk management expertise and provide real world examples of third (and even fourth or fifth!) party attacks as well as software “supply chain” attacks. He’ll review what the “standards of care” are for third party management, decipher some of the ling around third party certifications, and provide some concrete “do’s and don’ts” for managing third-party risk.

Learning Outcomes:

  1. Understand why managing third party risk is more important than ever before.
  2. Understand the differences between third party attacks, “nth” party attacks, and “supply chain” attacks.
  3. Learn what different security frameworks and vendor certifications mean and what level of assurance they provide.
  4. Learn what’s important, what’s not important, and what things can even be counter-productive, when creating or participating in a third-party risk management process.