News Stay informed about the latest enterprise technology news and product updates.

HIMSS reports spike in health IT security worries

Until recently cyber-security was one of many issues for health IT executives; now it is top of mind for most.

Anecdotally, it is abundantly clear how widespread increased worry about cyber-attacks on healthcare data networks is. Also, a recent SearchHealthIT survey found that security systems are the number one buying priority for health IT pros this year.

Now, a new survey by HIMSS (Health Information Management and Systems Society), the largest health IT industry group, has confirmed the same thing, finding that 87% of 297 healthcare executives and information security officers responding to the survey identified cyber-security as a bigger business priority than it was last year.

Notably, two-thirds of the respondents reported that their healthcare organization had experience a significant security incident recently.

The survey also found that at least half the respondents have made improvements to network security, endpoint protection, data loss prevention, disaster recovery and IT continuity.

Even so, and despite the availability of new security technologies, most of the respondents felt “only an average level of confidence” in their ability to protect their IT infrastructure and data, according to a HIMSS release.

Some other key findings from the survey:

  • Respondents use an average of 11 different technologies to secure their network and more than half of healthcare organizations surveyed hired full time employees to manage information security
  • 42% of respondents said there are too many emerging and new threats to track
  • More than half of information security threats are identified by internal security teams
  • 59% of survey respondents said there should be cross-sector cyber threat information sharing
  • 62% of security incidents have resulted in limited disruption of IT systems with limited effect on clinical care and IT operations
  • 64% of respondents say a lack of appropriate cyber-security personnel is a barrier to mitigating cyber-security incidents
  • 69% of respondents indicated that phishing attacks are a motivator for improving the information security environment
  • 80% use network monitoring to detect and investigate information security incidents
  • 87% of respondents reported using antivirus-malware tools to secure their healthcare organizations’ information

HIMSS members can download the full survey here.