Health IT, Hospitals

Majority of healthcare organizations have recently seen ‘significant’ data security incident

87 percent of health information security officers and other health IT professionals said that cybersecurity has become a higher business priority within their organizations in the last year, according to a new HIMSS survey.

By Neil Versel on June 30, 2015

Think healthcare data security is a bigger problem now than it was a year ago? Insiders would agree.

In a newly released survey from the Healthcare Information and Management Systems Society, 87 percent of health information security officers and other health IT professionals said that cybersecurity has become a higher business priority within their organizations in the last year. Two-thirds of the 297 respondents reported having experienced a “significant security incident in the recent past,” according to the survey, released Tuesday at the HIMSS Privacy & Security Forum in Chicago.

“I don’t think that I was necessarily surprised by this,” Jennifer Horowitz, senior director of research for HIMSS North America, told MedCity News.

Horowitz said that the question was worded vaguely on purpose. “We left that to the discretion of the respondents.” HIMSS used the word “incident” instead of “breach” or “hack” for the same reason, she said.

On average, the survey-takers’ organizations use 11 different technologies to try to secure their networks and data, in part because hackers, phishers and other scammers are getting more sophisticated. According to the survey, 81 percent said that security-related technologies need to evolve and 69 percent said that the threat of phishing attacks have motivated them to step up cybersecurity.

Still, though, the top source of recent “security incidents” is negligence from inside the organization, named by 46 percent of respondents, and 64 percent said that an insider has been responsible for a significant incident at some point.

On the positive side, 57 percent indicated that their organization has at least one full-time staffer dedicated to this problem. While 42 percent said that there are too many new and emerging threats to track adequately, their security teams are able to identify more than half of all information security threats internally.

sponsored content

A Deep-dive Into Specialty Pharma

A specialty drug is a class of prescription medications used to treat complex, chronic or rare medical conditions. Although this classification was originally intended to define the treatment of rare, also termed “orphan” diseases, affecting fewer than 200,000 people in the US, more recently, specialty drugs have emerged as the cornerstone of treatment for chronic and complex diseases such as cancer, autoimmune conditions, diabetes, hepatitis C, and HIV/AIDS.

By PurpleLab

“I think they’re doing a lot of things right,” Horowitz said.

Photo: FreeDigitalPhoto user Pong