HIMSS Survey Finds Two-Thirds of Healthcare Organizations Experienced a Significant Security Incident in Recent Past

Healthcare Organizations Implement New Technology and Personnel to Stay Ahead of Cyberattacks

CHICAGO (June 30, 2015– Cybersecurity was identified as an increased business priority over the past year according to 87 percent of respondents in the newly released 2015 HIMSS Cybersecurity Survey (http://www.himss.org/2015-cybersecurity-survey). Two-thirds of those surveyed also indicated that their organizations had experienced a significant security incident recently. Released at the Privacy and Security Forum, held in Chicago from June 30-July 1, this research reflects the continued cybersecurity concerns by healthcare providers regarding the protection of their organizations’ data assets.

“The recent breaches in the healthcare industry have been a wake-up call that patient and other data are valuable targets and healthcare organizations need a laser focus on cybersecurity threats,” said Lisa Gallagher, Vice President of Technology Solutions, HIMSS. “Healthcare organizations need to rapidly adjust their strategies to defend against cyber-attacks. This means implementing threat data,incorporating new tools and sophisticated analysis into their security process.”

The survey of 297 healthcare leaders and information security officers across the industry also found that at least half of respondents made improvements to network security, endpoint protection, data loss prevention, disaster recovery and IT continuity. Despite the protective technologies available, most respondents felt only an average level of confidence in their organizations’ ability to protect their IT infrastructure and data.

Key findings from the survey include the following:

  • Respondents use an average of 11 different technologies to secure their environment and more than half of healthcare organizations surveyed hired full time personnel to manage information security
  • 42 percent of respondents indicated that there are too many emerging and new threats to track
  • More than 50 percent of information security threats are identified by internal security teams
  • 59 percent of survey respondents feel the need for cross-sector cyber threat information sharing
  • 62 percent of security incidents have resulted in limited disruption of IT systems with limited impact on clinical care and IT operations
  • 64 percent of respondents believe a lack of appropriate cybersecurity personnel is a barrier to mitigating cybersecurity events
  • 69 percent of respondents indicated that phishing attacks are a motivator for improving the information security environment
  • 80 percent use network monitoring to detect and investigate information security incidents
  • 87 percent of respondents reported using antivirus/malware tools have been implemented to secure their healthcare organizations’ information security environment

In addition to the findings above, survey respondents found the following as the top ways security incidents were identified and the impact they had on their organizations:

To download the complete 2015 HIMSS Cybersecurity Survey, please visit: http://www.himss.org/2015-cybersecurity-survey

About HIMSS

HIMSS is a global, cause-based, not-for-profit organization focused on better health through information technology (IT). HIMSS leads efforts to optimize health engagements and care outcomes using information technology.

HIMSS is a cause-based, global enterprise producing health IT thought leadership, education, events, market research and media services around the world. Founded in 1961, HIMSS encompasses more than 58,000 individuals, of which more than two-thirds work in healthcare provider, governmental and not-for-profit organizations across the globe, plus over 640 corporations and 400 not-for-profit partner organizations, that share this cause.  HIMSS, headquartered in Chicago, serves the global health IT community with additional offices in the United States, Europe, and Asia.

   

Categories