CORL provides industry-leading Managed Services for security, privacy, and compliance programs.

Vrsm Icon

VENDOR RISK MANAGEMENT

CORL’s flagship tech-enabled managed service offering for Vendor Risk Management provides the people, processes, data, and technology integration that scales your program and delivers results.

What is CORL?
Why CORL?
Our Approach
Onsite Audits Icon

ONSITE AUDIT MANAGED SERVICES

CORL’s Onsite Audit Managed Services help organizations conduct physical security audits for critical and high-risk vendors. Working as an extension of your third-party risk management team, CORL conducts thorough analysis of vendor security postures including the following activities:

    • Physical walk-throughs of operating facilities, data processing locations, data centers, and more
    • Inspection and validation of security controls implementation
    • Review of vendor security practices for alignment with contractual and regulatory obligations

Onsite audits are delivered as an on-demand service to support extending the reach of your team to vendors across the globe.

Inventory Management Icon

BUSINESS ASSOCIATE AGREEMENT INVENTORY MANAGEMENT

CORL’s Business Associate Agreement (BAA) inventory compliance managed services help healthcare entities get their BAA’s up to date and compliant with HIPAA and OCR regulatory mandates.

  • How confident are you that all your Business Associates have up-to-date Business Associate Agreements (BAAs)?
  • Are your BAAs current with HITECH requirements?
  • Is your inventory up to date with OCR’s BAA guidance and ready to be produced upon investigation?

CORL’s BAA managed services will cost effectively:

  • Inventory actual and potential BAs from your vendor master list
  • Identify missing or out-of-date Business Associate Agreements
  • Reach out to BAs on your behalf to get all required documentation and BAAs updated

OUR APPROACH

4Phases OurApproach

FEATURED RESOURCES

Blog Post
Healthcare Vendors Sharing PHI with Facebook: Analysis & Recommendations
Read
Blog Post
Teaching a Vendor to Phish: How to Help Your Vendors Remediate Cyber Risks
Read
Infographic
The Evolution of Third-Party Risk Management in Healthcare
View
Blog Post
The History and Future of Third-Party Risk Management (TPRM) in Healthcare
Read
View All Resources
Quote Icon

As a Vice President and Security Officer, CORL's MARRS Service is valuable and has certainly made life easier for me. Before working with CORL, a lot of security compliance questionnaires were falling on me and taking up a lot of my time.

– Vice President and Security Officer
View All Testimonials
Quote Icon

CORL is a ‘force multiplier’ for our InfoSec Program. It is not possible for us to accomplish at this level, with this amount of efficiency, on our own. Even if we had an FTE... It would take a year or more, where CORL can do it in a month. We cannot reproduce this in-house.

– Information Security Leader
View All Testimonials
Quote Icon

CORL is an excellent partner. Their data presentation was exceptional, and I like that they are leveraging the power of big data to make risk decisions and look at trends across different industries in healthcare, as there are things we may overlook or not know to focus on.

– Information Security Director
View All Testimonials