News | February 19, 2014

2013 HIMSS Security Survey Shows Progress, Remaining Concerns

HIMSS 2013 Security Survey Information Technology Cardiac PACS

February 19, 2014 — Results of the 2013 HIMSS Security Survey show progress toward hardened security and use of analytics, but more work is needed to mitigate insider threat, such as inappropriate access of data by employees. Federal initiatives such as OCR audits, Meaningful Use (MU) and the HIPAA Omnibus Rule encourage healthcare organizations to increase the budgets and resources dedicated to securing patient health data. However, over the past year, 19 percent of respondents reported a security breach. Additionally, 12 percent of organizations have had at least one known case of medical identity theft reported by a patient.

The 2013 HIMSS Security Survey is supported by the Medical Group Management Association and underwritten by Experian Data Breach Resolution. It profiles the data security experiences of 283 information technology (IT) and security professionals employed by U.S. hospitals and physician practices. The data from respondents suggests the greatest perceived “threat motivator” is of healthcare workers potentially looking at electronic health information of friends, neighbors, spouses or co-workers.

There has been a response to the risk of security breach via inappropriate data access by insiders. Efforts include increased use of several technologies related to employee access to patient data, such as user access control and audit logs of each access to patient health records. 

More than half of the survey’s respondents (51 percent) have increased their security budgets in the past year. Still, 49 percent of these organizations are still spending 3 percent or less of their overall IT budget on security initiatives that will secure patient data.

“Though progress is noticeable, it is critical that healthcare organizations put in place a comprehensive plan that addresses potential security threats – whether internal or external — to prevent electronic health data breaches and minimize the impact of a breach should one occur,” said Michael Bruemmer, vice president for Experian Data Breach Resolution.

Other findings from the survey include: 

  • 92 percent of organizations conduct a formal risk analysis
  • 54 percent of organizations report having a tested data breach response plan and 63 percent of these organizations test their plan annually
  • 93 percent of organizations indicate their organization is collecting and analyzing data from audit logs
  • Healthcare organizations are using multiple means of controlling employee access to patient information; 67 percent of survey respondents use at least two mechanisms, such as user-based and role-based controls, for controlling access to data

 

The survey also identifies barriers to improving an organization’s security posture included budget, dedicated leadership and the following: 

  • Organizations reported an average score of 4.35 regarding the maturity of the security environment (where 1 is not at all mature and 7 is highly mature).
  • Nearly half (49 percent) of the survey’s responding organizations are still spending 3 percent or less of their overall IT budget on security initiatives that will secure patient data.
  • 52 percent of the hospital-based respondents reported that they had a CSO, CISO or other full-time leader in charge of security of patient data.

 

For more information: www.himss.org, www.experian.com

Related Content

Videos | Information Technology
VIDEO: One on One with Hal Wolf, FHIMSS, HIMSS President and CEO

Industry trade shows and conferences seem to be making their comeback in 2024. And the Healthcare Information and ...

Time July 25, 2024
arrow
Professional registration is open for RSNA 2024
News | RSNA
RSNA 2024 Registration Is Open

July 23, 2024 — Professional registration is open for RSNA 2024, the world’s largest radiology forum. This year’s theme ...

Time July 23, 2024
arrow
Exa Platform customers will now benefit from interoperability and connectivity enabling every clinical department throughout the enterprise
News | Enterprise Imaging
Konica Minolta Healthcare and Apollo Enterprise Imaging Partner to Provide Enterprise-Wide Clinical Workflows and Image-Enabled EMR

June 28, 2024 — Konica Minolta Healthcare Americas announced today a strategic partnership with Apollo Enterprise ...

Time June 28, 2024
arrow
Radiologists can now save significant time and accelerate clinical output through the automated creation of patient-specific reports
News | Artificial Intelligence
RamSoft and RADPAIR Announce Integration of AI-Driven Radiology Report Generation into OmegaAI’s Platform

June 27, 2024 — RamSoft, a global leader in cloud-based RIS/PACS radiology solutions, and RADPAIR, a trailblazer in ...

Time June 27, 2024
arrow
Konica Minolta Healthcare Americas announced a strategic partnership with Comp-Ray, Inc.
News | Information Technology
Konica Minolta Healthcare and Christie Innomed Partner to Provide Healthcare IT Sales and Services in the US

June 21, 2024 — Konica Minolta Healthcare Americas announced a strategic partnership with Comp-Ray, Inc., a Christie ...

Time June 21, 2024
arrow
An overview of HIMSS24
Feature | Information Technology | By Melinda Taschetta-Millane
Information Technology’s Impact on Tomorrow’s Health

The Healthcare Information and Management Systems Society (HIMSS) Global Health Conference and Exhibition brought ...

Time May 01, 2024
arrow
The value of a new approach to clinical workflow designed to expedite processes, mitigate burnout and foster precision in diagnosis and reporting
Feature | Information Technology | By Jef Williams
Adopting Micro-workflows: The Next Step in Deconstructing for Improved Outcomes

The rapid growth of healthcare data has reached unprecedented heights, making up about 30% of the world’s stored data.¹ ...

Time April 30, 2024
arrow
ProFound Cloud, powered by Google Cloud architecture and Google’s Health AI innovations, redefines accessibility to critical insights, empowering radiologists in early breast cancer detection
News | Society of Breast Imaging (SBI)
iCAD Showcases New ProFound Cloud, Enhanced ProFound Detection Workstation Features and New Strategic Partnerships at SBI Annual Symposium

April 11, 2024 — iCAD, Inc., a global leader in clinically proven AI-powered cancer detection solutions, announced today ...

Time April 11, 2024
arrow
Konica Minolta Healthcare Americas, Inc. announced today the new integration of the Exa Platform with AWS HealthImaging (AHI).
News | Enterprise Imaging
Konica Minolta Healthcare to Showcase Exa Platform in the Cloud with AWS HealthImaging at HIMSS 2024 Meeting

March 12, 2024 — Konica Minolta Healthcare Americas, Inc. announced today the new integration of the Exa Platform with ...

Time March 12, 2024
arrow
DeepHealth is a global leader in providing AI-powered radiology and health informatics for real-world clinical settings and large-scale screening programs
News | Artificial Intelligence
DeepHealth to Present Latest Results from AI-powered Screening and Diagnostic Programs at the European Congress of Radiology 2024

February 26, 2024 — DeepHealth, Inc., one of the leading providers in healthcare radiology informatics, has today ...

Time February 26, 2024
arrow
© Copyright Wainscot Media. All Rights Reserved.
Subscribe Now