TPRM - Healthcare Case Study
Requirement
Assist a large and growing telehealth & telemedicine provider in developing a comprehensive Third-Party Risk Management (TPRM) program within their global supply chain.
Issues
As one of North America’s fastest-growing telehealth & telemedicine providers, the client wanted better assurances - and a proven program in place - on how to best monitor their suppliers.
With massive amounts of sensitive healthcare data being shared, senior leadership wanted a plan - and quickly - for designing and executing a TPRM program covering all of the suppliers in the organization’s supply chain.
Additional issues for the client
No Experience with TPRM: The client had no real familiarity with the concept of TPRM; as such, no meaningful monitoring was being performed on their vast and growing supplier base.
No Compliance Officer: The client had no official compliance officer; therefore, no real ownership existed in terms of managing, or even beginning to conceptualize, what an actual TPRM program meant. As a result, in-house counsel was tasked with the job, but had no experience with TPRM.
Missing Compliance Culture: Regulatory compliance was never high on the list in terms of organizational importance, as the client was strictly focused on growth and profits.
Solution
Centris deployed a team of TPRM experts that successfully accomplished the following:
- Defined project scope and client participation.
- Identified all control gaps and recommendations for remediation.
- Completely reviewed all current TPRM measures and began authoring new TPRM-specific policies and procedures.
- Established contact and working relationships with all suppliers to begin the all-important task of identifying all external suppliers.
Outcome
- Built and deployed an extensive TPRM program - complete with policies, procedures, and processes, along with a well-balanced mix of both automated and manual control checkpoints.
- Created a true culture of compliance where employees now understand and value information security, cybersecurity, and data privacy.
- Implemented a continuous monitoring program for ensuring controls are properly monitored long after the consultants are gone.