NEW RELEASE: Prevalent Third-Party Risk Management v3.11 Introduces New Compliance Reporting and Risk Flagging

Healthcare Vendor Network

Healthcare Vendor Network™ (HVN)

Cybersecurity breaches are an unfortunate reality, and all healthcare organizations working with third party vendors have a much higher percentage of security vulnerabilities.

Prevalent has partnered with the Health Information Sharing & Analysis Center (H-ISAC) as the platform of choice to power their Shared Risk Assessments initiative to help reduce cyber threat risk for the health care community. This platform automates vendor evidence collection and risk assessments.

Vendor Risk Assessment with H-ISAC

Network members gain access to a vendor risk questionnaire called the H-ISAC Healthcare Questionnaire for evidence collection, which is designed to create a baseline across products, services, and vendors with industry common criteria for risk assessment and remediation. 

How does it work?

Step 1

Network members submit a list of vendors to Prevalent. From a time to value perspective there are two process scenarios:

  1. If a completed assessment is already available in the repository, Prevalent will request access for the member.
  2. If a completed assessment is not published in repository for the vendor, Prevalent will communicate with the vendor to obtain a completed Healthcare Questionnaire.

In both cases, published and not published, Prevalent will inform the member of published assessment evidence for the member to begin their risk governance review, acceptance and management.

Note: The Healthcare Questionnaire is reviewed for data integrity and validity with the vendor prior to repository publication. 

Step 2

The Risk Assessment process begins.