How we manage vendors
- We maintain an inventory of our vendors, and each vendor is assigned a risk level.
- Security assessments are completed for relevant vendors.
- Vendor relationships are governed by our Third-Party Management Policy. Agreements with our cloud and service providers are reviewed, including data-protection terms (such as business associate agreements) where applicable.
Working with us as a customer
We complete vendor security questionnaires for our customers. See the Request Documentation Under NDA article for how to ask for our standard responses.
Request the Third-Party Management Policy under NDA