01 Jul Majority of healthcare organizations have recently seen ‘significant’ data security incident
Think healthcare data security is a bigger problem now than it was a year ago? Insiders would agree.
In a newly released survey from the Healthcare Information and Management Systems Society, 87 percent of health information security officers and other health IT professionals said that cybersecurity has become a higher business priority within their organizations in the last year. Two-thirds of the 297 respondents reported having experienced a “significant security incident in the recent past,” according to the survey, released Tuesday at the HIMSS Privacy & Security Forum in Chicago.
“I don’t think that I was necessarily surprised by this,” Jennifer Horowitz, senior director of research for HIMSS North America, told MedCity News.
Horowitz said that the question was worded vaguely on purpose. “We left that to the discretion of the respondents.” HIMSS used the word “incident” instead of “breach” or “hack” for the same reason, she said.
On average, the survey-takers’ organizations use 11 different technologies to try to secure their networks and data, in part because hackers, phishers and other scammers are getting more sophisticated. According to the survey, 81 percent said that security-related technologies need to evolve and 69 percent said that the threat of phishing attacks have motivated them to step up cybersecurity.
Still, though, the top source of recent “security incidents” is negligence from inside the organization, named by 46 percent of respondents, and 64 percent said that an insider has been responsible for a significant incident at some point.