ChaptersCircleEventsBlog
Align cybersecurity controls with evolving regulations and make a real impact in the industry. Join CSA's Regulatory Analysis and Compliance Engineering Working Group!

Download Publication

Third-Party Vendor Risk Management in Healthcare
Third-Party Vendor Risk Management in Healthcare

Third-Party Vendor Risk Management in Healthcare

Release Date: 07/19/2022

The increased use of third-party vendors for applications and data processing services is a business model that is likely to continue, especially as HDOs find it necessary to focus limited resources on core organizational objectives and contract out support services. The HDO should assess the risks against the business objectives and mitigate them by implementing security controls. Continuous monitoring of third-party assets allows the HDO to detect and mitigate risks in near real-time.


Download this Resource

Prefer to access this resource without an account? Download it now.

Bookmark
Share
Related resources
Zero Trust Automation & Orchestration and Visibility & Analytics Overview
Zero Trust Automation & Orchestration and Visib...
Zero Trust Guidance for IoT
Zero Trust Guidance for IoT
State of SaaS Security Report 2025
State of SaaS Security Report 2025
Protecting the Weakest Link: Why Human Risk Mitigation is at the Core of Email Security
Protecting the Weakest Link: Why Human Risk Mitigation is at the Co...
Published: 06/20/2025
6 Cloud Security Trends Reshaping Risk and Resilience Strategies
6 Cloud Security Trends Reshaping Risk and Resilience Strategies
Published: 06/20/2025
How to Keep IAM Running in a Multi-Cloud World
How to Keep IAM Running in a Multi-Cloud World
Published: 06/18/2025
ISO 27001 Certification: How to Determine Your Scope
ISO 27001 Certification: How to Determine Your Scope
Published: 06/18/2025

Acknowledgements

Michael Roza
Michael Roza
Risk, Audit, Control and Compliance Professional at EVC

Michael Roza

Risk, Audit, Control and Compliance Professional at EVC

Since 2012, Michael Roza has been a pivotal member of the Cloud Security Alliance (CSA) family. He has contributed to over 140 projects, as a Lead Author or Author/Contributor and many more as a Reviewer/Editor.

Michael's extensive contributions encompass critical areas including Artificial Intelligence, Zero Trust/Software Defined Perimeter, Internet of Things, Top Threats, Cloud Control Matrix, DevSecOps, and Key Management. His lea...

Read more

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training