NAVEX > 实例探究 > ECHO Health Enables Business Growth with NAVEX Vendor Management

ECHO Health Enables Business Growth with NAVEX Vendor Management

NAVEX Logo
公司规模
SME
地区
  • America
国家
  • United States
产品
  • NAVEX IRM
技术栈
  • Risk Management Software
实施规模
  • Enterprise-wide Deployment
影响指标
  • Productivity Improvements
  • Digital Expertise
技术
  • 应用基础设施与中间件 - 数据交换与集成
适用行业
  • 医疗保健和医院
适用功能
  • 商业运营
用例
  • 监管合规监控
  • 远程资产管理
服务
  • 系统集成
关于客户
ECHO Health, Inc. is a payment processor serving industries including the highly regulated sectors of health care and insurance. The company, based in Ohio, processes more than 175 million transactions annually. As a payment intermediary, ECHO handles a large amount of sensitive data such as patient health information. Compliance with regulations like the Health Insurance Portability and Accountability Act – HIPAA – is essential to ECHO’s business. The company was founded in 1997 and has a workforce of around 130 employees.
挑战
ECHO Health, a company operating in highly regulated sectors, had to ensure its third-party vendors satisfy any related requirements. This involved sending a periodic compliance survey to around 10 vendors who handled a variety of work for ECHO, such as printing or call center services, which involved the handling of regulated information. Those involved in assessing third-party risk at ECHO would rely on tools like spreadsheets, calendar reminders and emailed forms to track vendor compliance. However, to support a recent opportunity for rapid growth, ECHO saw a major increase in the number of third-party vendors necessary for its operations. Each new vendor represented a new need to evaluate risk. The 130-person firm was on the precipice of a major business opportunity. It recognized the growth potential could only be realized with an efficient, scalable strategy to vet and monitor third-party partnerships.
解决方案
ECHO implemented NAVEX IRM, launching a comprehensive and holistic governance, risk and compliance program. NAVEX IRM is an “integrated risk management” solution that enables organizations to gain a comprehensive view of their business and operations from a risk perspective. It connects individual risk disciplines and manages them in centralized fashion. Implementing NAVEX IRM allowed a small team at ECHO to expand the scope of their vendor risk assessments eight-fold, clearing the way for the company’s growth. ECHO uses NAVEX IRM as a single portal to efficiently manage and monitor four risk-based tiers of vendor and subject each to differing levels of appropriate scrutiny.
运营影响
  • ECHO designed an integrated risk management architecture as a foundation for third-party risk management in NAVEX IRM.
  • The architecture allowed for expansion of vendors under risk management eight-fold.
  • Risk-based approach allows for contextual and risk-based management of vendors.
  • Robust reporting provides executive and board-level reports.
  • Established proactive risk management process that better manages risk, frees up time for other activities, and provides better analysis of vendor fit and the overall vendor relationship.
数量效益
  • Expanded the scope of their vendor risk assessments eight-fold.
  • Managed and monitored four risk-based tiers of vendor.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

相关案例.

联系我们

欢迎与我们交流!
* Required
* Required
* Required
* Invalid email address
提交此表单,即表示您同意 IoT ONE 可以与您联系并分享洞察和营销信息。
不,谢谢,我不想收到来自 IoT ONE 的任何营销电子邮件。
提交

感谢您的信息!
我们会很快与你取得联系。