In recent years, data breaches have become more prevalent, and cybercriminals have continued to develop more sophisticated tools to gain unauthorized access to health data. One recent report shows that since 2009, hackers have stolen more than 176.3 million health records in over 1,100 separate breaches. A large percentage of these breaches are caused either by human error or by inconsistent security requirements among healthcare providers and their vendors.
As the risk of security-related events increases, vendor form agreements are increasingly drafted with a focus on protecting the vendor and shifting a large amount of risk to the customer. While we are now seeing more security-related provisions in healthcare IT agreements than we once did, most vendor form agreements still lack necessary provisions that customers should require. This article will provide recommended provisions that healthcare customers should consider adding to their healthcare IT contracts to mitigate risk and to ensure the vendor is responsible for consistent security standards.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.
For questions call 1-877-256-2472 or contact us at [email protected]