Vendors Already Have AI. Your TPRA Process Probably Doesn’t.
Lessons from Brian Kelly’s standout H-ISAC Spring Summit session on AI, vendor risk & the growing visibility gap inside healthcare security.
At the recent H-ISAC Spring Americas Summit 2026 in Tampa, one of the most talked-about sessions wasn’t focused on futuristic AI predictions or theoretical governance frameworks. Instead, it tackled something far more immediate — and far more operationally urgent.
Brian Kelly delivered a highly practical session centered on a question many healthcare CISOs, CIOs, privacy officers, compliance leaders, and GRC teams are now facing in real time. It was titled “TPRAi-From Roadmap to Reality: How We Built AI into Our TPRA Workflows”
How do organizations evaluate AI risk inside their third-party ecosystem before it becomes their own liability?
The answer, according to Kelly, is not to reinvent vendor risk management from scratch. It’s to evolve it — quickly, deliberately, and pragmatically. That message resonated strongly throughout the summit because it reflected a reality many organizations are only beginning to recognize: Vendors are already deploying AI at scale whether customers formally approved it or not.
And in many cases, traditional Third-Party Risk Assessment (TPRA) processes simply were not designed to evaluate the risks that come with it.
TPRAi: 7-15 Questions – get the conversations started
1. Do you have any Artificial Intelligence (AI) / Machine Learning (ML) components in your product?
- Has your organization’s Corporate Code of Ethics content been modified to account for the addition of AI content to the business?
- Has your organization’s Acceptable Use Policy (AUP) been updated to incorporate proper use of AI/ML?
- Is your AI/ML product expected to recognize and control for input/output data classification? …Your product?
2. Is your AI system integrated with other products, platforms, models, or data sets?
- Please describe the integration
3. Will a human confirm generated result/answer?
- if NO – If results/decisions are independently reached by the application, how will those results be validated/audited for accuracy and potentially utilized?
4. Is it possible to use your AI product in a sandbox/test environment?
- If YES: How will sample data be submitted for testing system output?
5. Has the AI/ML application been evaluated against the OWASP Top 10 Critical Vulnerabilities for AI/LLM platforms?
- IF YES: Are the results from that evaluation available for review?
6. Do your AI/ML components interact with or handle our organization’s sensitive data (Corporate, PHI, PII, or other confidential data)?
- If YES: Will that data (Corporate, PHI, PII, or other confidential data) be included in that integration/training data set?
7. Does your product have any Large Language Model (LLM) AI components, training content, or links? If yes:
- Can input/prompt (LLM) data collection be cached for a session and NOT incorporated into the data model as a configuration option?
- Are the LLM data model and results monitored/audited for hallucinations (system invented information)?
- What mechanisms are in place to ensure the security and confidentiality of data (e.g., copyrighted data, trade secrets, sensitive business data, etc.) used to train the models in use?
- How does the software promote transparency, accountability, and ethical use especially in healthcare environments where results may impact patient care?
The New Visibility Gap in Vendor Risk
Most healthcare organizations already maintain mature Third-Party Risk Management (TPRM) programs. Over the years, those programs have become increasingly sophisticated around:
- PHI governance
- cybersecurity controls
- vendor onboarding
- contractual safeguards
- privacy compliance
- data handling reviews
- application inventories
- ongoing risk monitoring
But, AI fundamentally changes what organizations purchase.
Healthcare entities are no longer just procuring software platforms or hosted infrastructure. They are acquiring systems capable of learning, summarizing, inferring, recommending, prioritizing, automating, and in some cases independently acting on sensitive information and operational workflows.
That introduces entirely new categories of exposure.
During the session, Kelly described this challenge as a growing “visibility gap” inside traditional TPRA workflows. Existing questionnaires were never designed to assess:
- AI governance maturity
- model integrity
- training data exposure
- hallucination controls
- prompt retention practices
- ethical safeguards
- autonomous decision-making
- AI supply chain dependencies
- external model integrations
And in healthcare environments, those gaps can carry significant consequences.
When AI-driven outputs influence workflows tied to patient care, claims processing, fraud analysis, care management, or clinical decision support, transparency and accountability become far more than compliance exercises. They become operational risk issues.
Extending TPRA Instead of Replacing It
One of the strongest aspects of Kelly’s presentation was its practicality.
At Community Health Network of Connecticut, Inc. (CHNCT), the approach was not to build a completely separate “AI governance program” disconnected from existing processes. Instead, the organization extended its current TPRA framework with targeted AI-specific controls and assessment questions.
That distinction matters.
Many organizations risk creating what some leaders now describe as “AI governance theater” — large policy structures that appear comprehensive but fail to integrate into operational workflows that teams already use daily. CHNCT instead incorporated AI governance directly into its established GRC-driven vendor management process and Master Vendor and Application List (MVAL). The goal was not to create friction for the sake of governance. The goal was visibility.
As Kelly emphasized during the session: “You can’t get what you don’t ask for.”
That deceptively simple statement may be one of the most important lessons for organizations currently reviewing vendors.
Because many vendors are already embedding generative AI, machine learning, copilots, external LLM integrations, and autonomous functionality into products without customers fully understanding where or how those capabilities operate.
The Questions That Reveal Real Maturity
Instead of relying on lengthy, overly complex questionnaires, CHNCT implemented a streamlined set of AI-focused assessment questions aimed at quickly determining whether vendors genuinely understand the risks, governance requirements, and operational implications of their AI technologies.
Some of the most effective examples included:
- Does the product contain AI or machine learning functionality?
- Has the organization updated its Code of Ethics to account for AI usage?
- Has the Acceptable Use Policy been revised for AI/ML technologies?
- Does the platform recognize and enforce data classification controls?
Those questions alone often reveal whether a vendor has operationalized responsible AI governance or has added AI features faster than governance processes can keep up.
The framework then expanded into deeper operational areas, including:
- integrations with external models or datasets
- human validation of AI-generated outputs
- auditing of autonomous actions
- hallucination monitoring and mitigation
- sandbox testing environments
- OWASP AI vulnerability assessments
- PHI and PII handling within AI workflows
- confidentiality protections around training data
- prompt retention and logging practices
- lifecycle governance controls
Importantly, the process focused less on “checking boxes” and more on initiating meaningful conversations with vendors.
That operational mindset is increasingly critical because many organizations are discovering that vendor AI governance maturity varies dramatically — even among major technology providers.
Healthcare’s AI Challenge Is Different
One theme that stood out repeatedly throughout the session was that healthcare AI governance is fundamentally different from many other industries. In healthcare, inaccurate outputs, poorly governed automation, or opaque decision-making processes can directly affect patient outcomes, operational continuity, regulatory exposure, and public trust. That raises the stakes considerably.
To address this, CHNCT aligned portions of its approach with broader “Responsible Use of Artificial Intelligence” principles emphasizing:
- multidisciplinary review
- lifecycle governance
- ongoing monitoring
- transparency
- ethical usage
- continuous risk mitigation
The presentation also connected practical implementation with emerging industry guidance rather than attempting to invent entirely new frameworks from scratch. Among the resources referenced were:
- OWASP Top 10 for LLM Applications
- HECVAT (Higher Education Community Vendor Assessment Toolkit)
- Connecticut Responsible AI Policy Framework
- Microsoft Responsible AI Impact Assessment Template
That balance between operational execution and alignment with evolving standards is exactly what many healthcare organizations are actively searching for right now.
Why Practitioner-Led Conversations Matter
Another reason the session resonated so strongly was because it came from an operator actively building these processes internally — not from a heavily scripted vendor presentation.
That practitioner perspective was a recurring strength throughout this year’s H-ISAC Spring Summit overall.
The event consistently emphasized peer-driven discussion, implementation realities, operational constraints, regulatory pressure, and lessons learned from healthcare environments. There was noticeably less “marketing theater” and substantially more candid discussion around what organizations are truly encountering across healthcare security and risk management programs today.
That same spirit is expected to continue later this year at the NorthEast Annual Cybersecurity Summit (NEACS) at Quinnipiac University, where Brian Kelly is scheduled to present an updated version of this work.
Given how quickly AI adoption is colliding with third-party risk exposure across healthcare, higher education, financial services, and critical infrastructure, the topic is likely to attract significant executive attention.
Because the uncomfortable reality is becoming increasingly difficult to ignore:
🤖 Many organizations are already inheriting AI risk through vendors long before formally deploying AI internally.
👁️ And if TPRA processes are not asking AI-specific questions yet, the visibility gap may already be wider than leadership teams realize.
COMMENTS??
Find the SUMMARY version of this article on LinkedIn, and post your comments there.
