Cybersecurity a Top Concern Among Health Care Organizations
November 26, 2014 in News
According to the survey of 100 organizations, health care providers are at a high risk for cyberattacks (Bowman, FierceHealthIT, 11/25). For example, malicious hacking or IT incidents were the most common security breaches reported to the federal government in 2013, behind physical loss or theft of devices, according to the report (Pedulli, Clinical Innovation Technology, 11/25).
The survey also found that:
- 100% of respondents experienced a cyberattack in the last year;
- 39% of respondents experienced at least 10 cyberattacks; and
- 27% of the cyberattacks were deemed successful (Gold, “Morning eHealth,” Politico, 11/26).
IDC Health Insights Research Vice President Lynne Dunbrack in a statement said the high risk of cyberattack is in part because of “electronic health information [being] more widely available today than in the nearly 20 years since [HIPAA] was passed in 1996,” adding, “For healthcare organizations, it’s not a matter of whether they are going to be attacked, but when” (FierceHealthIT, 11/25).
Meanwhile, the survey found that 25% of cyberattacks disrupted normal business operations. Specifically:
- 52.2% of respondents said the shortest disruption lasted less than an hour; and
- 43.3% said the longest disruption lasted between eight and 24 hours.
Security Among Top Priorities
According to the survey, 29% of respondents said security and risk management technologies were among their top IT initiatives. Further:
- 59.6% of respondents said they had increased spending to address cyber threats in the last three years; and
- 38.3% said such spending had remained level (Clinical Innovation Technology, 11/25).