BLOG

A groundbreaking cyberattack against the Texas-based IT network solutions provider SolarWinds has resulted in unauthorized access to a wide range of government and private sector organizations. The extent, scale, and impact of the attack are still being assessed; however, initial indications are that the attack will have lasting security impacts for months and possible years to come. Read More

CORL provides a unique and innovative model for managing third-party risk. However, there are wide range of vendor assessment technologies and solutions on the market including cyber risk scoring tools, GRCs, automated questionnaires, vendor exchanges, and more. This diversity of solutions has generated confusion for some vendors that are trying figure out how and where CORL fits into the picture with supporting your vendor risk program. Read More

CORL Technologies CEO Cliff Baker recently had the opportunity to deliver a presentation alongside leadership from the Office for Civil Rights (OCR) on the state of HIPAA Security Rule compliance and risk management for third-party Business Associate vendors servicing the healthcare industry. The breach data and enforcement updates supplied by OCR reinforced his perspective on the paradigm shift currently underway for healthcare delivery in the migration of critical business functions to third-party cloud-based platforms. Read More

Security and risk teams have been overwhelmed by the tsunami of requests for vendor security risk assessments as the digital health movement continues to shift data to third-party platforms. Constraints on human capital and time have never been tighter. Leading organizations are looking for ways to focus their teams on true risk management activities rather than perpetually collecting and formatting risk data. Information security and risk leaders have turned to technology and automation to help keep pace with this unprecedented demand for third-party security assessments. Read More

Did you know that over 86% of vendors servicing healthcare providers in 2020 are either in the Very Small (between 1-50 employees) or Small (between 51-500 employees) categories? That figure derives from analysis that was conducted in February 2020 of security assessments conducted on CORL’s database of over 50,000 healthcare vendors. This latest analysis highlights a growing trend of smaller vendors dominating the healthcare vendor landscape and changing the way in which healthcare vendor risk managers need to think about third-party risk mitigation approaches. Read More

Healthcare has become a prime target for malicious actors bent on profiting from the resale and reuse of patient information. Healthcare entities are scrambling to sure up security controls for their own organizations and third-party business partners as the sprawl of patient information continues to drive widespread data breach events. Many healthcare Covered Entities and Business Associates servicing the industry are pursuing or evaluating enterprise security certifications to provide assurance of their security program and control effectiveness to the market. Read More