Risk and regulatory solutions for health industries

Strategic advice and solutions to help the healthcare industry anticipate and manage the evolving cyber, risk and regulatory landscape, build and maintain trust, and thrive in today’s dynamic healthcare ecosystem

The health industry is facing a myriad of challenges

The health industry is facing enormous challenges and fundamental shifts in how it operates. Organizations are transforming how they leverage technology and manage digital capabilities in the wake of the pandemic. At the same time, they’re confronting increased reliance on third-party systems and service providers, cost pressures and an increasingly complex, evolving regulatory environment. And they’re doing all of this with heightened scrutiny from auditors, shareholders and government agencies. This broad array of challenges dramatically increases and complicates the financial, technological, compliance and regulatory risk faced by healthcare companies.

How PwC can help risk management in healthcare

At PwC, we address the complex problems and business transformations faced by our clients. The healthcare industry confronts new demands and risks daily, and our global team of more than 4,000 US and 12,000 global professionals is ready to meet the challenge these demands present.

The goal: moving from reactive — or compliance-driven — approaches to more proactive resilient growth strategies.

With cross-functional expertise, cutting-edge analytics and technology enablement solutions, PwC can help in developing healthcare controls, systems and processes, addressing key governance issues and can provide guidance on risk oversight.

Our capabilities

Data protection, privacy and cybersecurity

PwC can develop data protection, privacy and cybersecurity programs, track and operationalize regulations, manage investigations and notifications, coordinate and support privacy programs and serve as specialized subject matter specialist.

Learn more

Risk assessment and enterprise risk management (ERM)

Our teams can develop, conduct and execute annual risk assessment and refresh your company’s processes including plans for audit and monitoring activities.

Regulatory compliance

PwC can support your regulatory compliance program through strategy, training, reporting, auditing and benchmarking through co-source or outsourced models.

Regulatory change management

Our teams can assess your regulatory change management process, provide real-time monitoring of regulations and intake, and support operationalization and implementation.

Internal Audit & SOX

Support for your Internal Audit (IA) and SOX functions through co-source and outsource solutions as well as IA transformation programs.

Learn more about internal audit

Learn more about SOX

Compliance Audit and Monitoring

Support your compliance audit and monitoring program through strategy, training, reporting, auditing and benchmarking through co-source or outsourced models.

Organizational Transformation

Assessment, guidance, and support around your organizational transformation efforts (i.e., ERP changes, digital / upskilling programs, other system implementations).

Learn more

Investigations & Forensics

Provide a strategic, risk-based, and pragmatic approach to support internal investigations and regulatory inquiries by supporting internal legal/compliance teams and outside counsel.

Learn more

PwC’s health sectors

Pharmaceutical and life sciences

We combine deep risk and regulatory health industry expertise and market-leading digital capabilities and accelerators to enable our clients’ goals today and lay the foundations for future success, so they can focus on the health of their communities.

Find out more


PwC’s health industries practice plays a critical role in helping clients solve an array of emerging and complex problems across the healthcare continuum, including care strategy, operations, regulatory, marketing, technology, workforce and change.

Find out more


As forces continue to drive changes in care, we engage with providers and organizations to help react, respond and design for the future of care. Services offered include: Internal audit and risk monitoring, compliance, ERM, data analytics, EHR security, 340b program compliance and technology implementation risk management.

Find out more

Higher education

We are the leading provider of professional services to the higher education sector. We work with distinguished private colleges and universities across the country, providing services including internal audit, compliance, enterprise risk management (ERM) and business process design.

Find out more

Healthcare risk and regulatory management solutions

Contact us

Tiffany Gallagher

Principal, Health Industries, Cyber, Risk & Regulatory Leader, PwC US

Dave Merriam

Partner, Health Services, Cyber, Risk & Regulatory Sector Leader, PwC US

Brian Riewerts

Principal, Pharmaceutical and Life Sciences, Cyber, Risk and Regulatory Leader, PwC US

Follow us

Required fields are marked with an asterisk(*)

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.