ClearDATA Maintains a Clean Bill of (Third-Party Risk) Health with OneTrust Vendorpedia

ClearDATA Maintains a Clean Bill of (Third-Party Risk) Health with OneTrust Vendorpedia

ClearDATA is the market leader for healthcare cloud computing and information security services for providers, life sciences, payers and healthcare technology organizations. By enabling their customers to automate, protect, and securely manage healthcare applications, data, and IT infrastructure in the cloud, ClearDATA empowers the industry to focus on making healthcare better by improving healthcare delivery.

quotes
Because of OneTrust, I’m not constantly following up with vendors and I have all the information I need in a timely manner to feel confident about our compliance and risk management processes.
Jonathan Slaughter
DIRECTOR OF COMPLIANCE, SECURITY AND PRIVACY

As a technology company interacting with sensitive healthcare data, ClearDATA understands the importance working with trustworthy and compliant third-parties that hold with their customers’ information. “ClearDATA was founded to help with patient care,” said Jonathan Slaughter, Director of Compliance, Security and Privacy at ClearDATA. “To accomplish this and move forward as a business we needed to better understand what data our third-parties and vendors are collecting and the level of risk they pose for our customers.”

A Platform to Assess, Mitigate, and Monitor Third-Party Risks at Scale

ClearDATA approached their third-party and vendor risk management initiatives with the objective of protecting customer privacy, while mitigating third-party risks and meeting security and compliance requirements. They needed to streamline existing manual processes by adding automation workflows to manage compliance and reduce risks during the evaluation, onboarding, and monitoring of their vendors.

With critical data housed across three major public cloud providers, ClearDATA needed a centralized software platform that could serve as a single solution to streamline and scale their once spreadsheet-centric third-party risk management program.

After extensive evaluation, ClearDATA selected OneTrust Vendorpedia™ to automate their third-party risk management operations.

“OneTrust is the one company out there that’s taking a holistic approach to understanding third-party, security, and privacy risk from a technology standpoint,” said Slaughter. “Their Vendorpedia solution has allowed us to be more agile and scale rapidly to optimize our business processes and simplify our assessment, mitigation, and monitoring of third-party risks,” said Slaughter.

OneTrust Vendorpedia is a centralized platform for global third-party risk, security and privacy professionals. Changes to third-party vendor risks are inevitable, making static one-off assessments unreliable over time. The platform offers ongoing monitoring with privacy and security scanning, ongoing assessment updates via the exchange, and scheduled reassessments to maintain a watchful eye on third-parties. When significant changes are detected, OneTrust Vendorpedia sends the organization relevant alerts.

“With OneTrust Vendorpedia we’re able to manage the third-party risk management lifecycle and understand risks on an ongoing cadence instead of having to manually reevaluate vendors when renewals or audits are coming up,” he added.

Today, ClearDATA can automate their entire third-party risk management lifecycle from onboarding, triaging and assessing risks, managing vendor contracts, demonstrating compliance with recordkeeping, performing ongoing vendor audits, and fully offboarding vendors. “Because of OneTrust, I’m not constantly following up with vendors and I have all the information I need in a timely manner to feel confident about our compliance and risk management processes,” said Slaughter.

What’s more, Slaughter and his team found little need to spend time on a custom configuration. “We were able to use the solution right out of the box to meet our needs, something that is very unique and really showcases the flexibility of the tool.”

As ClearDATA looks to the rest of 2019 and beyond, they are excited to enhance their use of the OneTrust. With a strong customer base in the Asia Pacific region, and many privacy laws and security frameworks being developed and implemented very quickly worldwide, ClearDATA is planning to dig deeper into OneTrust Vendorpedia and other products to ensure they are confidently protecting customer data on a global scale.

Recommended Resources