SureCloud today announced that it will provide its governance, risk and compliance (GRC) solution to Neighborhood Health Plan of Rhode Island (Neighborhood) to enhance the not-for-profit health plan’s information security, risk, privacy and compliance practices across the organization. Through the implementation of SureCloud’s GRC solution, Neighborhood aims to increase transparency of risks, issues and non-compliance and strengthen the management of third party risks. Neighborhood is also focused on optimizing and automating workflows that enable governance, compliance testing, monitoring and reporting; and on improving risk coordination and communication between departments to ensure consistent and efficient reporting of risks.
Nick Rafferty, co-founder and COO at SureCloud said, “We’re delighted in Neighborhood’s decision to mature its information security, risk and privacy capabilities using the HiTrust framework through SureCloud. Our GRC software solutions allow organizations like Neighborhood to transform their processes into a streamlined and effortless operation with true automation, saving valuable time and resources and mitigating risks.”
Helena Chmielinski, enterprise risk and information security officer for Neighborhood said, “With cyber risks increasing globally at a rapid rate, it is more important than ever to be as vigilant as possible against cyber threats, and our engagement with SureCloud will assist Neighborhood in this effort. We are already benefiting from a common framework, consistent taxonomy, and centralization of information, and look forward to working with the SureCloud team to improve our understanding of Neighborhood’s risk posture.”
Chmielinski added that the implementation of SureCloud’s GRC solution will drive Neighborhood’s risk prioritization and inform strategic, budget, and project planning processes. She noted “phase one” of the rollout went live at the end of 2020.
Neighborhood’s multi-year partnership with SureCloud ties to a corporate goal focused on operational excellence. To assist Neighborhood achieve this goal, SureCloud will team with Neighborhood on the following.
- Compliance Management – Monitor and test compliance against any regulation, standard and framework, as well as manage specific compliance obligations and controls.
- Information Technology (IT) Risk Management – Bring business context to security data, such as threats and vulnerabilities. By linking IT infrastructure to business applications and processes, Neighborhood’s enterprise risk and information security team can see which critical business processes are at risk.
- Vendor/Third-Party Risk Management – Gain a comprehensive view across Neighborhood’s suppliers and the risk they may pose to the organization. Follow this up by creating a centralized register of Neighborhood’s third parties, then build and automatically send out assessments.
- Risk Management module with an Enterprise Risk register – Identify, assess and manage risks of all types across divisions, legal entities, business functions, and geographies, as well as enable Neighborhood to simultaneously support different Risk Frameworks and methodologies, such as ISO, COSO, and NIST.
SureCloud noted that the “phase one” work it executed for Neighborhood’s GRC solution implementation, met all design, timeline and budget requirements.