Healthcare’s Gamble with Business Associate Breach Risks
Security breaches from third-party Business Associates and related regulatory penalties are piling up for healthcare entities this year. In a joint presentation with CORL in June 2020, the US Office for Civil Rights (OCR) reported that a top source of civil monetary penalties for Covered Entities in 2019 was inadequate management and compliance for third-party Business Associates. Despite the mounting financial penalties and breach costs resulting from third-party breaches, too many healthcare entities continue to gamble with underinvestment in their third-party vendor risk and compliance programs.
Read More