Health3PT seeks a uniform approach to healthcare supply chain issues.
N2K logoJan 11, 2023

Over 20 US healthcare organizations have come together to form the Health3PT initiative to reduce third-party cyber risk.

Health3PT seeks a uniform approach to healthcare supply chain issues.

The Health 3rd Party Trust (Health3PT) Initiative and Council was announced today, bringing together leaders in the healthcare industry to approach third-party cyber risk management.

About the Health3PT initiative.

The Health3PT initiative seeks to approach solutions to the problem of third-party cyber risk management, with many security leaders in the US healthcare industry taking part. This comes following increased targeting of the healthcare industry by malicious actors, with the intent to better defend healthcare systems against supply chain attacks. “Managing third party risk in a comprehensive and sustainable way requires collaboration between healthcare organizations and their suppliers to find solutions that are efficient and effective for both sides," said Shenny Sheth, Deputy CISO for Centura Health. “That’s why the Health3PT is so important to Centura Health and our partnerships. In order for this to work, we need more healthcare organizations to adopt common, standardized processes.”

The security and risk faces behind the council.

The Council is comprised of security and risk executives from different areas of the healthcare sector, including:

  • Patricia Yarabinetz, Director, Information Risk Management, AmeriHealth Caritas
  • Cindy Shuna, Cyber Risk Management, Amerisource Bergen
  • Rick Kratz Director, Cyber Risk Management, Amerisource Bergen
  • Glen Braden, Principal, Attest Health Care Advisors
  • Dr. Omar Sangurima, Principal Technical Program Manager, Governance, Risk, & Program Management, Memorial Sloan Kettering Cancer Center
  • Shenny Sheth, Deputy CISO, Centura Health
  • Natalie Henderson, Executive Director, Third Party Risk Governance, CVS
  • Eric Sinclair, VP, Information & Cyber Security, Evolent Health
  • Matthew Webb, AVP – Product Security, Chief Product Security Officer, HCA Healthcare
  • Brenda Callaway, Divisional VP, Operations Performance Management, Health Care Service Corporation (HCSC)
  • John Chow, CISO, Healthix
  • Jeff Lockwood, VP of Enterprise Technology Services, HealthStream
  • Karin Balsley, Sr. Director, Information Security, HealthStream
  • Omar Khawaja, CISO, Highmark Health
  • Heather Ryan, Project Manager, Highmark BCBS
  • Joe Dylewski, Cyber Data Protection Manager, Humana
  • Purvik Shah, Project Manager, Memorial Sloan Kettering Cancer Center
  • Walsy Saez-Aguirre, Cyber Security Governance, Risk and Compliance Analyst, Memorial Sloan Kettering Cancer Center
  • Monique Hart, Executive Director of Information Security, Executive Director of Information Security, Piedmont Healthcare
  • Dr. Adrian Mayers, VP, CISO, Premera Blue Cross
  • Joel Seymour, Deputy CISO, Premera Blue Cross
  • Shawna Hofer, CISO, St. Lukes Health System
  • Brian Cayer, CISO, Tufts Medicine
  • Alan Labianca-Campbell, Director of Information Assurance, Tufts Medicine
  • John Houston, VP, Information Security and Privacy, UPMC
  • Ryan George, Sr. Director – IT, IAS, UPMC
  • Alex Zhivov, Vice President, Information Security, Virtual Health
  • Bhavesh Merai, Senior Manager, Technology, Risk & Compliance, Walgreens