From the course: ISC2 Health Care Information Security and Privacy Practitioner (HCISSP) Cert Prep
Unlock this course with a free trial
Join today to access over 23,200 courses taught by industry experts.
Managing third-party relationships
From the course: ISC2 Health Care Information Security and Privacy Practitioner (HCISSP) Cert Prep
Managing third-party relationships
Hello again and welcome to the HCISPP certification course with Cybrary. Managing third-party relationships. I'm your instructor, Schlaine Hutchins. In today's video, we're going to talk about relationship management and comprehending compliance requirements. So once the decision has been made to engage a third-party vendor, the contract becomes a key tool. As we talked about before, contracts with third parties are a critical component to the vendor management lifecycle. Under HIPAA, third-party vendors are classified as business associates and must execute a business associate agreement that spells out privacy and security compliance expectations. On the HHS website, template language is provided for the provisions that belong in the Business Associate Agreement. In addition to the BAA, many primary entities also elect to have additional contractual provisions to be more specific about security requirements. Contracts should also articulate the terms that cover the primary entity's…
Contents
-
-
-
-
-
-
-
-
-
(Locked)
Third-party risk management6m 4s
-
(Locked)
Maintain a list of third-party organizations4m 48s
-
(Locked)
Managing third-party relationships7m 3s
-
(Locked)
Third-party assessment and controls5m 3s
-
(Locked)
Third-party remediation efforts6m 10s
-
(Locked)
Requests regarding privacy and security events6m 46s
-
(Locked)
Awareness of third-party requirements6m 25s
-
(Locked)