Preview Mode Links will not work in preview mode

Welcome to the Change Healthcare podcast.

Change Healthcare is inspiring a better healthcare system.

Whether you need to improve operational efficiency, optimize financial performance, or enhance the consumer experience, we offer the industry insight and innovative technology to help you meet your objectives.

Jun 15, 2020

Cybersecurity is only as strong as the security of an organization's vendors. Randall Frietzsche, chief information security officer (CISO) of Denver Health, a level one trauma center in Denver, has his organization's information security assessments down to a science. On today’s show, Randall joins Change Healthcare’s John Zuziak to share how Denver Health conducts security assessments, and how Randall's team assesses new vendors and monitors for vulnerabilities.

Today's panel: John Zuziak, Change Healthcare's Security and IT Risk Management Practice director; and Randall “Fritz” Frietzsche, MS, CISSP, CHPC, C|EH, C|HFI, ISSA distinguished fellow, and enterprise chief information security officer (CISO) at Denver Health, Denver, Colo.

Here’s what they talked about:

  • Frameworks for building security programs and assessments
  • Assessing security risk with third-party vendors
  • Creating a risk management policy
  • Conducting risk stratification analysis
  • Assigning risk tiers to third-party vendors
  • Keeping an eye on control gaps
  • Bucketing risks: financial, reputational, patient safety
  • Addressing vendors’ security gaps
  • Allowing for exceptions to the rules
  • The security check as part of the purchasing workflow
  • Top 10 security control objectives in every contract
  • The annual third-party review

Episode Resources

  1. Randall Frietzsche’s bio
  2. John Zuziak's bio
  3. Denver Health
  4. Change Healthcare Consulting Services
  5. Change Healthcare Consulting Services Resources
  6. Change Healthcare Industry Insights
  7. COVID-19 Updates and Resources
  8. COVID-19 Updates Newsletter
  9. Change Healthcare Insights Newsletter

Show Resources