Risk assessments of third-party providers in healthcare often begin and end with a look at how vendors store and transmit sensitive data. But that’s only one of several potential risks posed by third parties, says Intermountain Health CISO Erik Decker.
Vendors with access to hospital networks through VPN connections or other means present the risk that hackers could “ride” those connections to infiltrate sensitive systems, he says. And successful cyberattacks against vendors that provide mission-critical services — even something as simple as laundry — could severely impact an organization’s…
