Security Audit Fatigue: How Efficient Audits Can Drive Business Value

Subscribe on your favorite platform:

About the Podcast: The CyberPHIx is a regular audio podcast series that reports and presents expert viewpoints on data security strategy for organizations handling patient health or personal information in the delivery of health-related services. These timely programs cover trends and data security management issues such as cybersecurity risk management, HIPAA and OCR compliance strategy and vendor risk management. Meditology Services, the healthcare industry's leading security and compliance firm, moderates the discussions with leaders in healthcare data security.

In this CyberPHIx episode, Chris Risley, Executive Director of Enterprise Risk Management for NASCO examines successful approaches to handling security audit requests from a vendor’s perspective. NASCO is an exclusive provider of claims processing and other services to Blue Cross Blue Shield Plans across the country.

Handling thousands of security audit questions per month while also conducting routine internal audits is a daunting and tiring task. Audit fatigue is real! However, meeting security audit requests has become a standard for doing business in the healthcare industry.

Listen as Chris addresses some of the following questions:

  • How do you help your organization combat audit fatigue?
  • What standards do you have in place to improve responsiveness and drive efficiencies in the audit process?
  • How do you handle capacity constraints in managing a portfolio of audits with limited bandwidth and staff?
  • How does effective security risk management correlate to business value and how is that value communicated to leadership and the marketplace?