• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to secondary sidebar
  • Skip to footer

  • Opinion
  • Health IT
    • Behavioral Health
    • Care Coordination
    • EMR/EHR
    • Interoperability
    • Patient Engagement
    • Population Health Management
    • Revenue Cycle Management
    • Social Determinants of Health
  • Digital Health
    • AI
    • Blockchain
    • Precision Medicine
    • Telehealth
    • Wearables
  • Life Sciences
  • Investments
  • M&A
  • Value-based Care
    • Accountable Care (ACOs)
    • Medicare Advantage

Nearly Half of Healthcare Organizations Suffered a Third-Party Security Incident in Past Year

by Fred Pennic 02/14/2025 Leave a Comment

  • LinkedIn
  • Twitter
  • Facebook
  • Email
  • Print

What You Should Know: 

– Imprivata, a digital identity company, today released a new global research report conducted in collaboration with the Ponemon Institute. The report, titled “The State of Third-Party Access in Cybersecurity,” reveals that third-party data breaches continue to pose a significant threat to organizations worldwide.

– The study, which surveyed nearly 2,000 IT security practitioners across various industries, found that 47% of organizations experienced a data breach or cyberattack involving a third-party accessing their network in the past 12 months. This figure is consistent with findings from a similar study conducted two years ago, indicating that the problem is persistent and pervasive.

Key findings of the report include: 

  • Ongoing Threat: 64% of respondents believe that third-party data breaches will either increase or remain at current levels over the next 12-24 months.
  • Expanding Attack Surface: Nearly half (48%) of organizations agree that third-party remote access is becoming the most common attack surface for cyberattacks.
  • Significant Consequences: Data breaches caused by third-party access have led to the loss of sensitive information, regulatory fines, and damaged relationships with vendors.
  • Visibility Challenges: 35% of respondents are unsure how cyberattacks perpetrated through third-party access occurred, highlighting a lack of visibility into vendor activity.
  • Resource Constraints: 41% of respondents cite insufficient resources or budget as a major barrier to mitigating third-party risk.

The Need for Improved Third-Party Risk Management

The report underscores the urgent need for organizations to strengthen their third-party risk management strategies. While awareness of the risks associated with third-party access has increased, many organizations struggle with inconsistent and immature security practices.

The report outline the following key recommendations:

  • Enhanced Visibility: Implement solutions to gain greater visibility into third-party access and activity on the network.
  • Access Control: Enforce strict access controls and least privilege principles for third-party vendors.
  • Continuous Monitoring: Continuously monitor third-party activity for suspicious behavior.
  • Regular Security Assessments: Conduct regular security assessments of third-party vendors to ensure they meet security standards.
  • Incident Response Planning: Develop and test incident response plans to address potential breaches caused by third-party access.

“Third-party access is necessary to conduct global business, but it is also one of the biggest security threats and organizations can no longer remain complacent,” said Joel Burleson-Davis, Senior Vice President of Worldwide Engineering, Cyber, at Imprivata. “While some progress has been made, organizations are still struggling to effectively implement the proper tools, resources, and elements of a strong third-party risk management strategy. Cybercriminals continue capitalizing on this weakness, using the lack of visibility and uncertainty across the third-party vendor ecosystem to their advantage.”

  • LinkedIn
  • Twitter
  • Facebook
  • Email
  • Print

Tagged With: Cybersecurity

Tap Native

Get in-depth healthcare technology analysis and commentary delivered straight to your email weekly

Reader Interactions

Primary Sidebar

Subscribe to HIT Consultant

Latest insightful articles delivered straight to your inbox weekly.

Submit a Tip or Pitch

Featured Interview

Reach7 Diabetes Studios Founder Chun Yong on Reimagining Chronic Care with a Concierge Medical Model

Most-Read

Bayer Exits Radiology AI Market, Discontinuing Calantic and Blackford

Bayer Exits Radiology AI Market, Discontinuing Calantic and Blackford

Oracle Health Launches AI Center of Excellence for Healthcare

Oracle Health Launches AI Center of Excellence for Healthcare

Particle Health Addresses Integration to Epic Data Despite Dispute

US Court Allows Particle’s Antitrust Claims Against Epic to Proceed

Epic Launches Comet: A New AI Platform to Predict Patient Health Journeys

Epic Launches Comet: A New AI Platform to Predict Patient Health Journeys

Preparing for the ‘Big Beautiful Bill’: How Digitization Can Streamline Medicaid Eligibility & Social Care Delivery

Preparing for the ‘Big Beautiful Bill’: How Digitization Can Streamline Medicaid Eligibility & Social Care Delivery

Evernorth Health Services Invests $3.5B in Shields Health Solutions

Evernorth Health Services Invests $3.5B in Shields Health Solutions

KLAS Report: Oracle Health Faces Customer Losses and Declining Satisfaction

KLAS Report: Oracle Health Faces Customer Losses and Declining Satisfaction

Tempus AI Acquires Digital Pathology Leader Paige for $81.25M

M&A:Tempus AI Acquires Digital Pathology Leader Paige for $81.25M

Mira Launches Ultra4™, the First At-Home Hormone Monitor with Lab-Quality Insights

Femtech: Mira Launches Ultra4™, the First At-Home Hormone Monitor with Lab-Quality Insights

How Healthcare CIOs Can Solve the Unstructured Data Crisis and Reduce Storage Costs

How Healthcare CIOs Can Solve the Unstructured Data Crisis and Reduce Storage Costs

Secondary Sidebar

Footer

Company

  • About Us
  • Advertise with Us
  • Reprints and Permissions
  • Submit An Op-Ed
  • Contact
  • Subscribe

Editorial Coverage

  • Opinion
  • Health IT
    • Care Coordination
    • EMR/EHR
    • Interoperability
    • Population Health Management
    • Revenue Cycle Management
  • Digital Health
    • Artificial Intelligence
    • Blockchain Tech
    • Precision Medicine
    • Telehealth
    • Wearables
  • Startups
  • Value-Based Care
    • Accountable Care
    • Medicare Advantage

Connect

Subscribe to HIT Consultant Media

Latest insightful articles delivered straight to your inbox weekly

Copyright © 2025. HIT Consultant Media. All Rights Reserved. Privacy Policy |