The seemingly constant volley of cyberattacks on healthcare data networks is being accompanied by a flurry of new surveys and studies confirming that the threat to health data is real and dangerous.
The latest report on the cybersecurity pandemic comes from data security company Vormetric, Inc., in partnership with the 451 Research firm.
The Healthcare Edition of the 2016 Vormetric Data Threat Report, released April 13, surveyed 1,100 senior IT security executives at large enterprises worldwide, including about 100 in U.S. healthcare organizations, and found that 63% of health IT security professionals have experienced a breach and 20% had a breach last year.
Also, 96% of the healthcare respondents reported they feel vulnerable to threats to their data networks.
Compliance with federal security and privacy laws was the top security spending priority for 61% of the health IT respondents, ahead of preventing data breaches (40%).
But even though 69% of those surveyed by Vormetric and 451 Research that work in healthcare said meeting compliance standards was a “very” or “extremely” effective way to secure data, “compliance is only a step toward healthcare IT security,” according to Garrett Bekker, a 451 information security senior analyst.
“As we learned from data theft incidents at healthcare organizations that were reportedly HIPAA compliant, being compliant doesn’t necessarily mean you won’t be breached and have your sensitive data stolen,” Bekker said in a .
Bekker said in the release that while security professionals in healthcare are still spending heavily on network and endpoint security, they are not using enough technologies that help guard data once perimeters have been breached.
Some 54% of those surveyed said the top challenge in instituting effective cybersecurity defenses was complexity of deployment, but a lack of staff (38%) and budget (30%) were also key impediments.
The survey also showed that many healthcare organizations are moving to store data in the cloud, despite persistent security concerns, and are also using Internet of Things environments that are also seen containing many security vulnerabilities.