Cybersecurity
|

In recent years, data breaches have become more prevalent, and cybercriminals have continued to develop more sophisticated tools to gain unauthorized access to health data. One recent report shows that since 2009, hackers have stolen more than 176.3 million health records in over 1,100 separate breaches. A large percentage of these breaches are caused either by human error or by inconsistent security requirements among healthcare providers and their vendors.

As the risk of security-related events increases, vendor form agreements are increasingly drafted with a focus on protecting the vendor and shifting a large amount of risk to the customer. While we are now seeing more security-related provisions in healthcare IT agreements than we once did, most vendor form agreements still lack necessary provisions that customers should require. This article will provide recommended provisions that healthcare customers should consider adding to their healthcare IT contracts to mitigate risk and to ensure the vendor is responsible for consistent security standards.