Survey: 63 Percent of Healthcare IT Bosses Report Past Data Breaches
Nearly two thirds of healthcare IT leaders reported experiencing a data breach, and nearly one in five said the breach occurred in the past year, according to a new survey.
The Healthcare Edition of the 2016 Vormetric Data Threat Report, commissioned by data protection firm Vormetric, was based on a poll of 1,100 IT security managers, including more than 100 from healthcare organizations.
A large majority of Healthcare IT managers (61 percent) said that meeting compliance requirements was their top security spending priority, while specifically preventing data breaches trailed at 40 percent.
More than two-thirds (69 percent) said that meeting compliance requirements was a “very” or “extremely” effective way of protecting sensitive data, a belief that researchers said was inaccurate.
“Compliance is only a step towards Healthcare IT security,” said Garrett Bekker, senior analyst for information security at 451 Research, which conducted the survey. “As we learned from data theft incidents at healthcare organizations that were reportedly HIPAA compliant, being compliant doesn’t necessarily mean you won’t be breached and have your sensitive data stolen.”
At least 14 U.S. hospitals were hit by cyberattacks during the past two months, with some paying thousands of dollars in ransoms to regain access to crippled networks.
More than half of IT healthcare managers (54 percent) said complexity was the main reason they didn’t implement better security, followed by inadequate staff and lack of organizational buy-in.
Nearly half of respondents (49 percent) said they planned to increase spending on network security defenses, with 79 percent describing such defenses as “very” or “extremely” effective at protecting data.
“IT security professionals are spending heavily on what has worked for them in the past,” said Bekker. “They are continuing to invest in defenses like network and endpoint security offerings that offer little help in protecting data once perimeters have been breached.”
The survey also found that most of the organizations were taking cybersecurity seriously, with 60 percent saying they planned to increase spending this year to protect sensitive data.
Many intend to invest in state-of-the art security technology, including 39 percent saying they would invest in cloud security gateways, 36 percent in security event and information management systems, and 34 percent in enhanced data management monitoring.
Send tips and news to MSPmentorNews@Penton.com.