OpenVRA By Dash

A security standard that encourages responsible data sharing and collaboration between providers and vendors



Providers: Download Framework Vendors: Take Free Assessment

Evaluating Vendor Risk is Critical

In order to avoid potentially devastating vendor-based breaches, a repeatable, scalable, third party evaluation process is crucial.

In collaboration with healthcare providers and leading healthcare vendors, Dash has created the OpenVRA, a vendor risk assessment process which standardizes vendor intake and security scoring. Starting with the OpenVRA allows healthcare providers to establish a security baseline from which to measure potential data sharing vendors. Providers can then customize the assessment with their own unique tests and measurements.

Evaluating Vendor Risk is Critical

Open Framework

Build your vendor risk assessment around the standard developed by experts in the healthcare field.

Built For Providers

OpenVRA is built in collaboration with health providers to simplify the vendor security and assessment process.

Robust Assessment

Analyze and manage the risk profile of your vendors by implementing the Dash VRA framework.

Healthcare Providers

Evaluate Security & Compliance for Healthcare Vendors

Digital Health companies, Healthcare Software and Healthcare Startups deal with a large regulatory burden when building HIPAA compliant healthcare solutions. Dash provides a platform for easily managing HIPAA administrative and technical controls in the public cloud.


Download The Abstract

Healthcare Vendors

Evaluate Your Security Program Against The OpenVRA

The OpenVRA free vendor security assessment allows vendors to prepare for the security assessments they face or will soon face from hospitals and providers. Take the OpenVRA and see how your organization stacks up!


Take Free Assessment

The Latest From OpenVRA


Vendor Risk Is At A Critical State

A Business Associates’ Agreement or “BAA” is an agreement entered by a covered entity and business associate when a vendor may receive access to Protected Health Information (PHI). Learn about what signing a BAA entails.

Read more
Why We Created OpenVRA

Organizations can use cloud storage solutions for file storage, sharing, and collaboration. Learn about which cloud storage solutions can be configured in a HIPAA compliant manner

Read more