下载PDF
NAVEX > 实例探究 > ECHO Health Enables Business Growth with NAVEX Vendor Management
NAVEX Logo

ECHO Health Enables Business Growth with NAVEX Vendor Management

技术
  • 应用基础设施与中间件 - 数据交换与集成
适用行业
  • 医疗保健和医院
适用功能
  • 商业运营
用例
  • 监管合规监控
  • 远程资产管理
服务
  • 系统集成
挑战
ECHO Health, a company operating in highly regulated sectors, had to ensure its third-party vendors satisfy any related requirements. This involved sending a periodic compliance survey to around 10 vendors who handled a variety of work for ECHO, such as printing or call center services, which involved the handling of regulated information. Those involved in assessing third-party risk at ECHO would rely on tools like spreadsheets, calendar reminders and emailed forms to track vendor compliance. However, to support a recent opportunity for rapid growth, ECHO saw a major increase in the number of third-party vendors necessary for its operations. Each new vendor represented a new need to evaluate risk. The 130-person firm was on the precipice of a major business opportunity. It recognized the growth potential could only be realized with an efficient, scalable strategy to vet and monitor third-party partnerships.
关于客户
ECHO Health, Inc. is a payment processor serving industries including the highly regulated sectors of health care and insurance. The company, based in Ohio, processes more than 175 million transactions annually. As a payment intermediary, ECHO handles a large amount of sensitive data such as patient health information. Compliance with regulations like the Health Insurance Portability and Accountability Act – HIPAA – is essential to ECHO’s business. The company was founded in 1997 and has a workforce of around 130 employees.
解决方案
ECHO implemented NAVEX IRM, launching a comprehensive and holistic governance, risk and compliance program. NAVEX IRM is an “integrated risk management” solution that enables organizations to gain a comprehensive view of their business and operations from a risk perspective. It connects individual risk disciplines and manages them in centralized fashion. Implementing NAVEX IRM allowed a small team at ECHO to expand the scope of their vendor risk assessments eight-fold, clearing the way for the company’s growth. ECHO uses NAVEX IRM as a single portal to efficiently manage and monitor four risk-based tiers of vendor and subject each to differing levels of appropriate scrutiny.
运营影响
  • ECHO designed an integrated risk management architecture as a foundation for third-party risk management in NAVEX IRM.
  • The architecture allowed for expansion of vendors under risk management eight-fold.
  • Risk-based approach allows for contextual and risk-based management of vendors.
数量效益
  • Expanded the scope of their vendor risk assessments eight-fold.
  • Managed and monitored four risk-based tiers of vendor.

相关案例.

联系我们

欢迎与我们交流!

* Required
* Required
* Required
* Invalid email address
提交此表单,即表示您同意 IoT ONE 可以与您联系并分享洞察和营销信息。
不,谢谢,我不想收到来自 IoT ONE 的任何营销电子邮件。
提交

Thank you for your message!
We will contact you soon.