In response to a rise in cybersecurity breaches that continue to put patient data at risk, HIMSS introduced an annual research program to assess these experiences in healthcare organizations across the nation.
The 2018 HIMSS Cybersecurity Survey provides insight into what healthcare organizations are doing to protect their information and assets, in light of increasing cyber-attacks and compromises impacting the healthcare and public health (“HPH”) sector.
Based on the feedback from 239 health information security professionals, an analysis of the findings yielded a few notable themes, which are explored in greater detail in this report and highlights are summarized below:
- Healthcare organizations with cybersecurity programs are making positive efforts toward improvement. More resources are dedicated to cybersecurity programs. Proactive measures are taken as a result of regular risk assessments. Penetration testing and security awareness training are regularly conducted.
- Most healthcare organizations’ cybersecurity programs have room for improvement. Significant barriers exist for remediating and mitigating security incidents. Some organizations do not yet have formal insider threat management programs. Risk assessments widely vary from organization to organization.
- Looking to the future, healthcare organizations have certain concerns and priorities which will shape the direction of healthcare cybersecurity. More resources will continue to be dedicated to cybersecurity programs in the future.