Julia Hesse Discusses Need for Risk Assessment and Data Security in Health Organizations
Julia Hesse, partner, recently spoke to Healthcare IT News on why hospitals must focus on risk assessment and breach response times with regards to strengthening their cybersecurity.
To read more, click here.
From the article:
One of the key risk areas Hesse sees from both the legal and pure security side is vendor risk -- highlighted recently by the third-party breaches caused by misconfigured cloud storage buckets.
To Hesse, one way to mitigate this issue is to require vendors self-certify to a third-party risk assessment standard. From a pure workload perspective, it’s more efficient than an organization’s team performing the assessment.
“From a legal perspective, when you require the vendor to self-certify, they can make contractual obligations to meet those standards,” said Hesse. “It provides concrete, substantial hooks to get the vendor to meet those standards.”