HSCC releases guide on third-party AI risk, supply chain transparency

Apr 15, 2026 - 04:06 PM
Packages on assembly line

The Health Sector Coordinating Council’s Cybersecurity Working Group has released a guide on third-party artificial intelligence risk and AI supply chain transparency. The guide includes best practices on AI-driven supply chains for health care, including data lineage tracking, model auditability, embedded third-party dependencies and post-deployment monitoring. The best practices are intended to align with frameworks such as the National Institute of Standards and Technology AI Risk Management Framework. The guide also addresses growing gaps in discovery and disclosure processes that make it challenging to manage AI supply chain risk. 

“This guide offers practical, step-by-step guidance for health care organizations to identify existing and evolving instances of AI within their technology supply chains,” said John Riggi, AHA national advisor for cybersecurity and risk. “It offers effective strategies to mitigate related cyber and privacy risks, from procurement to deployment. This is especially important as insecure third-party technology, service providers and the supply chain continue to be the primary sources of cyber risk exposure and data breaches in health care.”

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.

Related News Articles

Headline
AHA Healthier Together Conference concludes with sessions on AI, person-centered care
The AHA wrapped up its inaugural Healthier Together Conference in Dallas May 14 with a plenary session on how the application of artificial intelligence-driven…
Headline
MACPAC calls for increased transparency on AI-supported prior authorization 
The Medicaid and CHIP Payment and Access Commission approved recommendations it will issue to Congress in its June report on oversight and increased…
Headline
FDA announces shortage of products used for neurosurgery, microsurgery expected to continue remainder of 2026
The Food and Drug Administration announced May 6 that it is aware of a shortage of neurosurgical patties, sponges and strip devices across the U.S. due to…
Headline
Webinar to explore AI use in cybersecurity, health care technology 
John Riggi, AHA national advisor for cybersecurity and risk, will moderate a webinar May 5 at 1 p.m. ET that will explore how bad actors are leveraging…
Headline
Agencies issue guidance on adopting agentic AI systems
The Cybersecurity and Infrastructure Security Agency, National Security Agency and international partners have released guidance on adopting agentic artificial…
Headline
FDA announces real-time clinical trials, request for information
The Food and Drug Administration April 28 announced its plan to advance the implementation of real-time clinical trials, which invite participants to supply…