Organizations must carefully monitor that their business associates are adequately addressing data security to help guard against breaches, says Mark Eggleston, CISO at Health Partners Plans.
“For example … we ask for business continuity plans, but it’s also really more important to get the results of [testing] those plans,” he says in an interview with Information Security Media Group.
Eggleston will participate in a panel discussion on “Tackling Vendor Risk Management Challenges” at ISMG’s Healthcare Security Summit, to be held Nov. 13-14 in New York.
“You want to make sure that when you’re transferring your PHI , that it’s going to reputable firms that are using world-class … frameworks to secure that data,” he says.
In this interview (see audio link below photo), Eggleston also discusses:
- The growing risks posed by business associates;
- Examples of data breaches involving third parties;
- The challenge of protecting patient data in the cloud.
Eggleston is vice president, CISO and privacy officer at Health Partners Plans, a Philadelphia-based health insurance company. He…
