Apache Log4j Vulnerability: 8 Questions to Ask Your Vendors
The Prevalent Healthcare Vendor Network
The H-ISAC’s exclusive solution for vendor risk assessment assurance
The Prevalent Healthcare Vendor Network (HVN) is an on-demand library of risk profiles on thousands of third parties serving the healthcare industry. HVN members have instant access to clear vendor risk scores based on standardized risk assessment responses, backed by insights from continuous cyber, business and financial threat monitoring.
The HVN is offered exclusively to H-ISAC members under the organization’s program for Shared Risk Assessments for Third Parties as the preferred way to accelerate vendor risk management and compliance in the healthcare industry.
Key Benefits
-
Increase focus on risk analysis and remediation by tapping into shared data
-
Stop chasing down vendor risk data by outsourcing collection and analysis efforts
-
Reduce the cost of TPRM by automating assessment and monitoring processes
-
Accelerate vendor evaluations with cyber, business and financial health intelligence
-
Select from flexible licensing options tailored to your desired level of oversight
-
Meet compliance requirements with a standards-based approach to third-party risk management
Customer Story: Blue Cross and Blue Shield of Kansas City
Shella Gentry, information security analyst, discusses Blue Cross and Blue Shield of Kansas City's experience working with the Prevalent Third-Party Risk Management Platform.
Trusted by Leading Healthcare and Pharmaceutical Organizations
Key Features
-
Standards-Based Assessment Library
Access a database of thousands of completed and verified H-ISAC assessments and supporting evidence. Vendors are reassessed annually or upon your request.
-
Search and Request Assessments
Search for a specific vendor in the network to access assessment, cyber, business and financial data. Request assessments with a single click.
-
Risk Score Previews
Screen vendors during RFx processes with risk score previews based on inherent/residual risk, internal assessment results, and external monitoring reports.
-
Contact Onboarding
Identify potential points of contact; send templated email communications to enroll the user or identify alternatives; and onboard the user as the primary responder.
-
Outsourced Due Diligence
Save time and money by letting Prevalent experts handle everything from conducting assessments and following up with vendors, to reviewing responses and evidence for accuracy and relevance.
-
Snapshot Event Triage
Conduct an initial point-in-time review of business, reputational, or data breach events identified by Prevalent Vendor Threat Monitor; analyze them to identify false positives and noteworthy events; and adjust risk scores to reflect criticality.
-
Workflow and Task Management
Streamline vendor communications and speed remediation efforts by capturing and auditing conversations, assigning tasks, and tracking progress.
-
Automation Playbooks
Efficiently coordinate internal and vendor teams with pre-built playbooks that automate a broad range of onboarding, assessment and review tasks.
-
Machine Learning Analytics and Reporting
Leverage machine learning analytics to correlate hard-to-track metrics and provide insight into the riskiest vendors, controls and trends.
-
Compliance Mapping
Prevalent automatically maps assessment responses to specific regulatory and industry framework requirements, enabling you to quickly verify compliance or justify remediation efforts.
-
Remediation Guidance
Get clear and actionable recommendations for addressing risks identified during assessments. Track and report on issue resolution over time.
-
Issue Supplementary or Proactive Assessments
Issue additional assessments for fourth-party mapping, certifications, and business profiling. Vendors can also proactively report important events.
-
Relationship Mapping
Leverage passively identified fourth-party technologies to identify and create relationships among third parties.
-
Continuous Cyber, Business & Financial Insights
Transform point-in-time vendor assessments into dynamic intelligence profiles with continuous insights from cyber, business and financial monitoring events.
Flexible Licensing Options
Focus on the risks that matter most to you. Preview vendor risk scores; dig deeper with detailed assessment reports; or have Prevalent conduct deep, controls-based risk assessments on your behalf.
| Risk Preview | Risk Management | |
|---|---|---|
|
Users |
3 |
Unlimited |
|
Assessment Status for All Vendors in Library |
|
|
|
Inherent & Residual Risk Scores for All Vendors in Library |
|
|
|
Cyber, Business & Financial Risk Dashboards (read-only) |
|
|
|
Detailed Risk Assessment Responses & Results |
|
|
|
Outsourced Due Diligence for New Vendors (H-ISAC Assessment Collection & Analysis) |
|
|
|
Workflow & Task Management |
|
|
|
Remediation Guidance |
|
|
|
Risk Reporting |
|
|
|
Compliance Mapping |
|
|
|
Automation Playbooks |
|
-
White Paper5 Steps to Healthcare Third-Party Risk Success
56% of healthcare organizations have experienced a breach through a vendor. Discover the 5 steps you...
Blog PostA HIPAA Compliance Checklist for Third-Party Risk Management
Complying with HIPAA legislation requires gaining complete, internal view of third-party security and privacy controls. Learn...
WebinarOn-Demand Webinar: Pfizer Case Study - How to Get Third-Party...
Join Pfizer’s Keith Lichtenwalner to learn how he evolved Third-Party Risk Management (TPRM) from a tactical...
-
Ready to get started?
- Schedule a personalized solution demonstration to see if Prevalent is a fit for you.
- Request a Demo