Provider third-party risk management | Taylor Lehmann

I managed to grab a seat for Taylor Lehmann's presentation today at the HITRUST booth during HIMSS19 Orlando. Taylor is the Chief Information Security Officer at Wellforce. He is also one of the founding members of the Provider Third-Party Risk Management Council.

Here are my takeaways from Taylor's presentation:

• PTPRM started in early 2018
• The Council recently agreed to accept HITRUST certification
• After 1 Sept 2020, third parties without HITRUST cannot do business with PTPRM participants
• Last week they announced a Risk Triage model with HITRUST
• One of the goals of PTPRM is to speed up onboarding of qualified vendors

Provider Third Party Risk Management Council

The Provider Third Party Risk Management Council aims to bring uniformity to the processes of managing third parties. PTPRM develops, recommends and promotes a series of practices to effectively manage information security-related risks in the supply chain and to safeguard patient safety and information.