Cybersecurity Report Card:   Better Performance, But Not Great

A new research report from HIMSS has concluded that while healthcare organizations are improving their cybersecurity programs, there’s still a number of things they could do better. The study drew on responses from 239 health information security professionals. Their responses were gathered from December 2017 to January 2018. While respondents came from a number of settings, the largest number (31.5%) were with hospitals, multi-hospital systems or integrated delivery networks. One key point made by the study was that significant security incidents are projected to continue to grow in number, complexity and impact. That’s reflected by responses from survey participants, 75.7% of whom said that their organizations experienced a significant security incident in the past 12 months. The top threat actors attacking these organizations included online scam artists deploying phishing and spear phishing attacks (37.6%), followed by negligent insiders (20.8 %) or hackers (20.1%). In many cases, the initial point of security compromise was by email. Time it took to discover the incident included less than 24 hours (47.1%), one to two days (13.2%) and 3 to 7 days (7.4%). Despite these risks, and the effort required to protect their data, healthcare organizations with cybersecurity programs are improving their performance. They’re devoting more resources to those programs (55.8% of current IT budgets), responding to problems identified by regular risk assessments (with 83.1% adopt...
Source: EMR and HIPAA - Category: Information Technology Authors: Tags: EHR Electronic Health Record Electronic Medical Record EMR Health Care Healthcare HIPAA HIPAA Audits HIPAA Breaches HIPAA General HIPAA Training Cybersecurity HIMSS Insider Threat Management Programs IT Budgets Penetration Te Source Type: blogs