Clueless Clause: Insurer Cites Lax Security in Challenge to Cottage Health Claim

Cottage Health filed a claim of more than $4 million....but it was denied by the insurer, Columbia Casualty. Columbia Casualty denied the claim alleging that Cottage's third party vendor, INSYNC Computer Solutions, Inc., failed to follow "minimum required practices."

Though Cottage made representations that it implemented basic security controls, there is no evidence that Cottage ensured its vendor, INSYNC Computer systems, implemented similar controls.  

The Link to 3rd Party Risk

In this case, Cottage Health may be on the hook for a lack of security controls related to a 3rd party it hired.

How Datum Security Can Help

Datum Security offers companies a means to efficiently manage third party risk to ensure their small and medium vendors maintain a baseline security posture which dramatically reduces the vendors' chances for being breached. This, in turn, provides the company doing business these vendors a much better security posture. The Datum Security Vendor Assessment Program collects actual evidence of policy enforcement and control rather relying on loose representations made by a vendor. 

Read the full article