Topics
More on Risk Management

Cybersecurity issues have healthcare executives on high alert, HIMSS survey says

About 71 percent of non-acute care and 50 percent of acute care respondents pointed to a lack of financial resources to shore up their systems.

Jessica Davis, Associate Editor

As cybercriminals continue to assault the healthcare industry, most health executives are elevating data security as a business priority, according to the 2016 HIMSS Cybersecurity Survey, released Tuesday.

Eighty-five percent of the report's 150 surveyed IT security leaders are increasing cybersecurity awareness, motivated by potential phishing attacks (80 percent of acute care providers, 65 percent non-acute); viruses or malware (68 percent acute, 65 percent non-acute); and risk assessment results (64 percent acute, 77 percent non-acute).

[Also: Hackers hit SCAN Health Plan, breach data of nearly 90,000 patients]

But there are serious barriers inhibiting better cybersecurity practices. About 71 percent of non-acute care and 50 percent of acute care respondents pointed to a lack of financial resources, while about 60 percent of respondents pointed to a lack of cybersecurity personnel.

"Cybersecurity attacks have the potential to yield disastrous results for healthcare providers and society as a whole," said Rod Piechowski, HIMSS' senior director, health information systems, in a statement. "It's imperative healthcare providers acknowledge the need to address cybersecurity concerns and act accordingly."

[Also: Hacker TheDarkOverlord stole more patient records, images than originally thought]

Medical identify theft was reported as the source of healthcare attacks by about 75 percent of respondents; 69 percent feared these potential attacks will stem from ransomware and 61 percent are concerned about persistent threats and phishing attacks.

Despite these worries, 75 percent of respondents said they feel ready to detect and protect against brute force attacks. Further, respondents said they're ready for known software vulnerabilities (74 percent) and negligent insider attacks (73 percent).

[Also: Healthcare most hit with data breaches in 2015]

While the report suggests providers are addressing cybersecurity concerns, "more progress needs to be made so that providers can truly stay ahead of the threats," Piechowski added. Some of the areas requiring attention: vulnerabilities in email, mobile devices and the internet of things.

To address these issues and provide support to the healthcare industry, on October 25 HIMSS will open the Cybersecurity Hub at the HIMSS Innovation Center in Cleveland. The in-person resource will educate visitors on important requirements and help healthcare leaders prepare for and protect against cyber threats.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com