by Phuong Tran
Article filed in
Hacking more of a priority in health IT, but not enough is being done to prevent it
by Phuong Tran
A recent survey done by the Health Information and Management Systems Society (HIMSS) has provided many insights into the current mind set of health IT pros. The basic message is that health IT pros are very much concerned about hacking, but feel that they are being hampered by various factors at their organizations to improve the situation.Based on a survey of 150 information security leaders at various U.S. hospitals and non-acute care environments, such as physician offices and long term care facilities. The survey was done between February and May 2016.
The survey indicates that hacking is on all health IT officials priority list. Surveyors found that 85% of respondents from acute care providers and 81% from non-acute-care organizations made healthcare security a higher priority in 2016 than in the past. In particular, ransomware attacks is considered public enemy number one. Ransomware attacks was cited most often (by 69% of respondents) as a significant threat to HIT system security.
Ransomware attacks are a type of cyber attack where cyber criminals hack into the healthcare database and hold it hostage till payment is made. At Paubox, we wrote about these type of malicious attacks a few months ago. Given the extensive amount of cyber attacks occurring in healthcare in the past year, this sense of urgency is a positive revelation.
However, even with this sense of urgency, the survey showed that there are some worrisome signs. The industry’s health IT pros feel that due to lack of manpower and money, they are not able to protect their organization adequately.
More than half (55%) of the respondents cited lack of financial resources as a barrier to mitigating their cybersecurity risks. Additionally, 59% were having trouble finding good cybersecurity talent. From an infrastructure perspective, 41% were still not encrypting their data in storage and 36% were not even encrypting patient information in transit.
According to Lee Kim, director of privacy and security at HIMSS North America. “People view encryption and security in general as a hindrance to their work. They have to swallow that vitamin. It’s yucky, but it’s good for you.”