You are only as strong as your weakest link

weak link scaledCalling ALL Healthcare Vendors!!  Are you using HIC-SCRiM guidelines in your organizations?  Well, you should definitely consider doing so.  And healthcare businesses… Are you sure your vendors can support your business during a crisis?  Are you checking to see if they are using HIC-SCRiM?  Are your vendors one of your “weakest links”?


So, what in the world is HIC-SCRiM about?  Health Industry Cybersecurity Supply Chain Risk Management Guide or HIC-SCRiM is a publication to help small and mid sized healthcare organizations manage their supply chain vendors.  In Episode 247 “HIC-SCRiM Should Wake Up Vendors”, Donna and David explain what it is and why you should be making sure your vendors are taking guidance from HIC-SCRiM.

One of the cool things about HIC-SCRiM is it includes specific information that you will find helpful in using and understanding the program.  The guidelines actually include templates, workflow diagrams, policy and procedures and more.  If your vendors are following HIC-SCRiM’s guidelines, that’s great.  Make sure they are continually reviewing and updating their programs.  HIC-SCRiM is like healthcare assessments and policy and procedures, it is not a one and done project.  These elements need to be reviewed, tested, and updated.  Listen to how Donna and David describe the “Moving Target”.  Security is hard and even expensive, but it is a non-negotiable when you are talking about patient care.