Criminals are looking at the entire ecosystem of vendors linked to healthcare, including your third-party vendors. The main question is whether you and they understand the security of their services, requirements of HIPAA compliance, and how those impact your overall security and revenue. Here are three proactive next steps you can take:
1. Renew your commitment to security and compliance.
The best way to gain a foundational understanding is to do basic forensic fact finding of your business. How old is your practice management system? How secure is your secure email? Is your secure email fully HIPAA compliant?
2. Find out if your vendors are “walking the walk” with security and compliance.
Use the information you gained during your practice forensics to approach each vendor for a conversation about its current state of cyber security. Don’t hesitate to ask each vendor specifics about its products and services; and expect answers that satisfy your curiosity.
3. Not satisfied with what you learn? Find new vendors.
When you have direct conversations with your business allies and understand your vulnerabilities, you’ll both be more confident in the partnership. Third-party vendors that understand the importance of cybersecurity can be one of your greatest weapons against these criminals.