Healthcare services are meeting patient demand by becoming increasingly digitized. These digital healthcare services are often developed by third parties and access electronic health records (EHR), revenue cycle management (RCM) systems, and other databases that include sensitive and legally protected information. While these electronic services are beneficial to both patients and providers, they create an increasingly complex software supply chain, with more potential vulnerabilities that are being targeted by hackers[¹]. Healthcare providers can find it difficult to manage effective oversight of these supply chains - including the relationships between different software tools, who has access to what data, and where there might be potential weaknesses.