Third-Party Access Cybersecurity Threats and Precautions: A Survey of Healthcare Delivery Organizations
George A. Gellert, Daniel Borgasano, Robert Palermo, Gabriel L. Gellert, Sean P. Kelly

TL;DR
Healthcare organizations face significant cybersecurity risks from third-party access but lack resources and strategies to manage these threats effectively.
Contribution
This survey identifies key challenges and gaps in third-party cybersecurity management within healthcare delivery organizations.
Findings
Only 51.1% of HDOs maintain a comprehensive inventory of third-party network access.
Over half of respondents reported a third-party breach in the last year and expect breaches to increase.
Manual monitoring and insufficient resources are common barriers to securing third-party access.
Abstract
Gather insights regarding the state of third-party access cybersecurity in healthcare delivery organizations (HDOs). An online multinational survey was deployed to eligible respondents to assess HDO third-party access, cybersecurity, and challenges. Of 209 respondents, only 51.1% reported having a comprehensive inventory of all third parties accessing their network. Sixty percent stated third-party access to sensitive/confidential information was not routinely monitored, despite 19% having more than 40, and 31% having 21 to 40 third parties with network access. Reasons included lack of resources (48%) and centralized control over third-party relationships (36%), complexity (28%), and frequent third-party turnover (22%). Confidence in third-party ability to secure information and their reputations was cited. More than half (56%) reported a breach involving a third party in the last 12…
Genes, proteins, chemicals, diseases, species, mutations and cell lines named across the full text — each resolved to its canonical identifier and authoritative record.
Click any figure to enlarge with its caption.
Figure 1
Figure 2Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInformation and Cyber Security · Wireless Body Area Networks · Thoreau and American Literature
