CORL Technologies unveils third-party risk management service for healthcare

CORL Technologies introduced Third-Party Incident Response (TPIR), allowing healthcare providers to address third-party security incidents proactively.

CORL’s TPIR service tames the chaos of incident response by enabling healthcare companies to share information and provide total clarity about how each party will respond to industry-wide vulnerabilities and episodic data breaches.

According to SC Magazine, nine out of the ten most significant healthcare data breaches were caused by third-party vendors. The Verizon annual Data Breach Investigations Report indicates ransomware saw a 13% increase in 2022, making up almost 70% of malware breaches. Ransomware incidents can cause computer systems to be down for weeks, creating a ripple effect that can impact hundreds of providers and patients.

CORL’s TPIR eliminates the chaos of third-party incident response for faster resolution. TPIR clarifies every stage in an incident lifecycle, including proactive preparedness profiles and scoring, impact mapping, managing outreach and response, automating communications, and identifying key metrics using standardized data. CORL offers healthcare companies numerous benefits, including:

• Improved preparedness – Create a strong data foundation with readiness profiles, managed key contact rolodexes, and scores by vendor, vendor tier, and in aggregate.
• Extended visibility – Understand incident implications using impact mapping, live response tracking, reports, and other tools.
• Reduced internal burden – CORL serves as an expert partner providing scalable outreach, response management, and reporting.
• Well-defined course of action – TPIR provides a clear communication plan for each vendor with correct contacts and escalations.

“We developed Third-Party Incident Response to prepare healthcare providers and vendors before an incident occurs,” said Cliff Baker, CEO of CORL Technologies. “Vendor data breaches happen every day, and very few know who to contact or how to escalate when they don’t get what they need. With TPIR we eliminate the chaos, provide clarity around points of contact, escalation, incident impact, remediation, etc., and do all the outreach, so there is no impact on the internal team.”

TPIR provides preparedness at scale, starting with an accurate data foundation. CORL prepares a Third-Party Incident Preparedness (TPIP) profile and score for each vendor to identify gaps and improve preparedness across all vendors. CORL’s managed Third-Party Incident Impact (TPI3) workflow provides rapid insight into how an incident impacts the business. The result is a coordinated plan of action that outlines responsibilities and eliminates duplicate efforts.

“CORL is committed to going beyond risk management tools that stop short of solving the problem,” continued Baker. “Our managed assessment methodology, the way we utilize data, and decision-support tools address the healthcare industry’s real-world security and privacy challenges. We are committed to integrating the best of technology and human intelligence to make third-party risk management a business enabler.”