Privacy & Security

After the Change Healthcare breach, healthcare organizations are diversifying their buying strategies and asking about vendors' cybersecurity policies, says Karly Rowe, interim president of Inovalon's provider business unit.  

Healthcare security incidents in 2024 highlighted third-party vendor risk and the need to prepare business continuity plans and tabletop exercises in case of attack, says Lee Kim, senior principal of cybersecurity and privacy at HIMSS.

Garrett Weber, Akamai Technologies field CTO for enterprise security, explains how the new HIPAA security rule requires healthcare organizations to use specific technical controls, but it can also help to better position third-party risk management.