Welcome to the CORL Client Community

The CORL Client Community is made up of an impressive mix of people representing all facets of Provider and Health Plan organizations: Information Security, Privacy, Compliance, Internal Audit, Legal, Risk Management, Cybersecurity, and more. The CORL Client Community includes professional roles that transcend all levels of an organization: Analysts and Project Managers, mid-level Management, various Business Stakeholder groups, and Executive and Chief-level.

The CORL Client Community can benefit from hearing from each other on important topics key to a successful vendor risk management program. Client speakers will lead web-based knowledge-sharing sessions. These sessions will be a limited audience of only other CORL clients.

All CORL clients will be invited. The sessions will be ~30-minutes long, delivered via Zoom web-session, and will be recorded for playback as requested by CORL clients. The agenda will be:

  • Introduction - 5 minutes
  • Presentation to CORL Client Community - 20 minutes
  • Q&A - 5-10 minutes

Topics will focus on highlighting VRM processes and best practices, and ultimately helping the entire CORL client community mature and make best use of a comprehensive vendor risk management program.

Please see the list to-date of CORL Client Speakers and Topics below. For any suggestions or questions, or to receive play-back of sessions, please email CORL Client Health leader Valerie.Blount@CORLTech.


CORL Client Speakers and Topics [upcoming as well as recorded for play-back]
  • Piedmont Healthcare: Executive Director talks about the benefits of Business involvement in and cross-functional governance of their VRM program.
    Webcast Replay from 10/25/18
  • Parkland Health & Hospital System outlines their 3-Phase VRM Program and gives away the secret: It's not about being a technical solution. It's about buy-in, people and process.
    Webcast Replay from 12/13/18
  • Director at a state-wide payor organization speaks to peers about the road taken to win a prestigious award - one in which only 50 nationwide organizations each year are nominated for security projects that demonstrate outstanding business value and thought leadership.
    Webcast Replay from 1/10/2019
  • Michigan Medicine: CISO and Team talk mature remediation process in an AMC environment.
    Webcast Replay from 2/14/2019
  • Sentara Healthcare: CISO talks VRM, Cybersecurity Scoring, and Risk Reconciliation Reporting.
    Webcast Replay from 3/12/2019
  • Saint Luke’s University Health Network, Part 1: “How We Remediated 700+ Vendor Risks”
    Webcast Replay from 4/30/2019
  • Saint Luke’s University Health Network, Part 2 + A Demo: “How We Remediated 700+ Vendor Risks”
    Webcast Replay from 6/3/2019​
  • UMMC... An OCR Odyssey
    A lost laptop resulted in a $2.75 million settlement with the U.S. Department of Health and Human Services, Office for Civil Rights, and began a remediation odyssey that continues today. Steve Waite shares the epic tale of UMMC’s travails in navigating the scrutiny attached to an OCR action.
    Website Replay from 7/25/2019​
  • ​Geisinger Information Security Office Strategic Project Manager and the Communications Specialist Demo the Process and Tools Used for Their VRM Program Success
    Shown first through the lens of the Geisinger Business Owners’ experience and then an inside look at “how the sausage is made,” the they will cover detailed process diagrams, communication templates, and appropriate leverage and routing of information via demo. You will hear from the Information Security Office’s Strategic Project Manager and Communications Specialist.
    Webcast Replay from 9/24/2019