The Healthcare Information and Management Systems Society
(HIMSS) recently published its second Cybersecurity Survey for healthcare
organizations, and the results are astonishing.
Despite costly recent enforcement actions and fines, ransomware
attacks, and highly publicized breaches, some healthcare
organizations fail to use even basic security tools, such as
antivirus and anti-malware software or firewalls. Yet 80% of the
183 respondents reported experiencing a recent "significant
security incident," with phishing attacks identified as the
number one motivator for improving security.
Only 64% of the organizations surveyed were using encryption for
data in transit, and only 40% were monitoring access to protected
health information as HIPAA requires.
The 2016 HIMSS Cybersecurity Survey found that while more
organizations are making security a top business priority, only 48%
reported actually making improvements in data loss prevention. Both
hospitals and physician practices cited lack of appropriately
trained staff and budget constraints among the reasons they're
not doing more to improve cybersecurity.
For more articles and regular updates on legislative changes, regulatory developments and other news of interest to businesses, professionals and investors in the healthcare industry, please subscribe to Day Pitney's mailing lists.
Click here for more Healthcare Blogs from Day Pitney
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.