Log in
Show password
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Dynamic quotes 
News: Latest News
Latest NewsCompaniesMarketsEconomy & ForexCommoditiesInterest RatesBusiness LeadersFinance Pro.CalendarSectors

Global Companies Join Forces to Tackle Third-Party Risk Management Challenges

11/05/2020 | 01:01pm EDT

HITRUST names founding members of newly formed Third-Party Risk Management Council

HITRUST® announced today the formation of the HITRUST Third-Party Risk Management (TPRM) Council to foster collaboration between companies, third-party vendors, and advisory service firms. The mission for the TPRM Council is to drive efficiencies and effectiveness as it relates to identifying, assessing, and mitigating risk in the complex supply chain ecosystem.

Founding members of the TPRM Council are global security, risk, compliance, and audit executives representing a diverse cross-section of organizations. TPRM Council members are committed to identifying and supporting approaches to improve the current TPRM process—with a focus on increasing effectiveness and reducing inefficiencies.

“One of our goals for the Council is to ensure organizations are considering the impact on the supply chain as they mandate assurance requirements on their third parties,” said Dr. Bryan Cline, Chief Research Officer at HITRUST. “We are providing a collaborative forum for customers, their vendors, and their advisors to discuss these challenges, identify actionable solutions, and provide inputs directly to HITRUST on the approach toward doing just that—in the most effective, efficient manner.”

The need to ensure appropriate privacy and security over sensitive and confidential information, such as protected health information (PHI) or personally identifiable information (PII), with third-party vendors has never been more important. However, many current approaches to managing third-party risk have unintended, widespread impacts on companies and their vendors. Challenges exist around inconsistent and uncoordinated requirements that lead to redundant assessments. The results are inefficient uses of time, higher costs, increased burdens, and ineffective mitigation strategies.

“The HITRUST TPRM Council will serve to bring together customers, vendors, and partners across the ecosystem, helping to establish standards for both effectiveness and efficiency,” said Ashish Gupta, Vice President, Cyber & Data Product Management at Mastercard. “These objectives are in line with what we do every day at Mastercard, enabling better, more rewarding, and more secure experiences for businesses and individuals alike.”

The founding members of the TPRM Council include:

  • Amazon Web Services (AWS)Hadis Ali, Security Assurance Manager
  • AT&T Vecky Juko, Associate Director, Supplier Governance, Global Benefits
  • Broadridge FinancialSandra Rohrer, Sr. Director, Product Management, Marketing and Regulatory Communications
  • Change HealthcareSusan Richards, Director, Information Security
  • CoalfireZachary Shales, Director, Healthcare Assurance
  • ConduentTroy Bos, Director, Client Assurance
  • CVS HealthSteve Meallo, Information Security Program Management
  • Frist Cressey VenturesChris Booker, Partner
  • Frazier & DeeterAndrew Hicks, VP, Risk Assurance
  • Google Sam Morales, Program Manager, Cloud Compliance
  • Health Care Service Corporation (HCSC)Chris Lodico, Sr. Director, Information Security
  • HumanaMatt Phillips, Enterprise Information Security
  • Mastercard Ashish Gupta, VP, Cyber & Data Product Management
  • Microsoft Azure David Houlding, Director of Healthcare Experiences
  • Rite AidRobert Lautsch, CISO
  • TeleperformanceJeffery Schilling, Global CISO
  • UnitedHealth GroupBrian Troen, Sr. Director, Risk Governance & Supplier Management
  • University of Pittsburgh Medical CenterJohn Houston, VP, Information Security & Privacy
  • Vonage Ordia Bryan, Sr. Manager, Global Security Compliance

To learn more, visit: https://hitrustalliance.net/business/third-party-risk-management/

Industry professionals are invited to stay apprised of the HITRUST TPRM Council’s activities by joining HITRUST Central, a new online community. To join, visit https://go.hitrustalliance.net/HITRUST-Central-Apply-Now.

About HITRUST Third-Party Risk Management (TPRM)

The HITRUST TPRM and HITRUST CSF® Assurance Programs together can streamline and improve the TPRM process. HITRUST’s robust approach incorporates inherent risk, which helps to recommend controls required for inclusion and provides an appropriate level of assurance. Simplifying the TPRM process, in addition to layering in staff on-demand and software as a service, means that relying parties can streamline and scale their TPRM programs cost-effectively. Vendors benefit from being able to utilize a single assessment to be reported out in multiple ways for an Assess Once, Report Many™ approach.


Since it was founded in 2007, HITRUST has championed programs that safeguard sensitive information and manage information risk for organizations across all industries and throughout the third-party supply chain. In collaboration with privacy, information security and risk management leaders from the public and private sectors, HITRUST develops, maintains, and provides broad access to its widely adopted common risk and compliance management frameworks as well as related assessment and assurance methodologies. For more information, visit www.hitrustalliance.net.

ę Business Wire 2020
Latest news "Companies"
04:34pRENT A CENTER INC DE : Entry into a Material Definitive Agreement, Creation of a Direct Financial Obligation or an Obligation under an Off-Balance Sheet Arrangement of a Registrant, Financial Statements and Exhibits (form 8-K)
04:34pFB FINANCIAL CORP : Regulation FD Disclosure, Financial Statements and Exhibits (form 8-K)
04:33pMARIN SOFTWARE INC : Entry into a Material Definitive Agreement (form 8-K)
04:33pLIVEXLIVE MEDIA, INC. : Submission of Matters to a Vote of Security Holders (form 8-K)
04:33pGREENROSE ACQUISITION CORP. : Entry into a Material Definitive Agreement, Creation of a Direct Financial Obligation or an Obligation under an Off-Balance Sheet Arrangement of a Registrant, Other Events, Financial Statements and Exhibits (form 8-K)
04:32pESPORTS TECHNOLOGIES, INC. : Entry into a Material Definitive Agreement, Regulation FD Disclosure, Financial Statements and Exhibits (form 8-K)
04:32pJETBLUE AIRWAYS : US sues to stop deal between American Airlines and JetBlue
04:32pABEONA THERAPEUTICS INC. : Change in Directors or Principal Officers, Regulation FD Disclosure, Financial Statements and Exhibits (form 8-K)
04:32pAIM IMMUNOTECH INC. : Change in Directors or Principal Officers (form 8-K)
04:32pUNRIVALED BRANDS, INC. : Other Events (form 8-K)
Latest news "Companies"