The Safety Assessment is a vendor risk questionnaire in Third Party Management (TPM). It evaluates how a third party (Business Associate only) handles Protected Health Information (PHI) and related security controls. Once you have added a TPM and selected the Business Associate option in the TPM profile, you will have the option to "Assess Safety" of the TPM. This article will guide you on interpreting the safety assessment results.
When the assessment is submitted, the system calculates a numeric Safety Rating displayed on the third party profile as a gauge. A higher score indicates lower relative risk.
Each Business Associate can have one Safety Assessment.
What the score means
A higher score indicates lower relative risk based on the questionnaire answers.
Color | Score range | General interpretation |
|---|---|---|
Green | 80 and above | Strong relative security posture |
Yellow | 50–79 | Moderate risk; review specific answers |
Red | Below 50 | Higher risk; prioritize for follow-up |
Important Note:
The Safety Assessment is a structured self-assessment, not a formal audit or certification.
The rating reflects conditions at the time of completion. Reassess vendors when their services, data handling practices, or breach status change.
Comments
0 comments
Please sign in to leave a comment.