In my latest video below I discuss the largest healthcare data breach of 2019 and how organizations should approach vendor risk management to manage the risk that your vendors present to you.
63% of all healthcare data breached in 2019 was due to the breach of one third-party collection agency, American Medical Collection Agency (ACMA). This breach affected Quest Diagnostics, LabCorp, and 21 other covered entities. ACMA and its parent company have since filed for chapter 11 bankruptcy and the 23 affected organizations are left to deal with the fallout.
Having a business associate / vendor agreement in place is not enough. Organizations need processes in place to validate the security and practices of their vendors. Not all vendors are equal in terms of risk. Focus your more thorough validation on the vendors that present the most risk to your organization. Perhaps this is a vendor that has access to the largest volume of your critical data. Perhaps this is a vendor that performs a highly trusted function.
Learn more about the ACMA breach and how we should approach vendor risk management with my video below.

Geoff Wilson is an innovative cybersecurity thought leader with deep experience in defensive cybersecurity strategies. Having studied at Carnegie Mellon University and trained at the National Security Agency, Geoff brings 17 years of cybersecurity experience to your organization.
In his many cybersecurity roles, Geoff has been an IT Auditor, Penetration Tester, Risk Assessor, Forensic Analyst, SOC Engineer, Information Security Officer, Software Developer, Author, University Professor, and Consultant.
Geoff is a business leader having founded Go Security Pro in early 2019 with his co-founder Susan Wilson. Geoff regularly speaks at conferences, presents to executive leadership and boards, and can get in the technical weeds with IT professionals.
Geoff treats every engagement as a knowledge transfer opportunity and every client with the utmost care. He is ready to assist you with your cybersecurity challenges.