The Healthcare Information and Management Systems Society said yesterday that a survey of healthcare organizations revealed that ⅔ of responders experienced a disruptive cybersecurity incident in the recent past.
The survey reached out to 297 individuals involved in healthcare information technology to examine the state of cybersecurity in the industry, HIMSS said.
The survey reported that 87% of responders have identified cybersecurity as an increased business priority over the past year and 42% said there are too many emerging threats to track.
“The recent breaches in the healthcare industry have been a wake-up call that patient and other data are valuable targets and healthcare organizations need a laser focus on cybersecurity threats. Healthcare organizations need to rapidly adjust their strategies to defend against cyber-attacks. This means incorporating threat data, and implementing new tools and sophisticated analysis into their security process,” veep of technology solutions Lisa Gallagher said in a press release.
While the largest source for security incidents was negligent insiders, 64% of respondents indicated they had experienced an incident from an outside source, the group said. Despite the availability of protective technologies, most respondents said they felt only an average level of confidence in their organization’s ability to protect IT infrastructure and data, HIMSS said.
Most attacks were limited to minor disruption, but 21% reported attacks that resulted in the loss of patient, financial or organizational data, HIMSS said. An additional 8% reported disruption to IT systems, and 8% reported direct damage to those IT systems.
Threats were mainly identified by internal security, with 51% being caught by such teams, HIMSS reports. Fifty percent of responders said they experienced incidents that were reported by non IT staff individuals and only 17% were caught by external resources, such as cybersecurity firms.