Healthcare Organizations: How to Address Information Security


[...] Here are four findings from a 2018 HIMSS Cybersecurity Survey on how healthcare organizations address information security.

1. The plurality of respondents (45.5 percent) indicated they undergo security risk assessments once a year.

  • Only 9.6% of health information security professionals selected the next most common response -- conducting daily security risk assessments.

2. When asked what security framework their organization has adopted, the majority of respondents cited the National Institute of Standards and Technology.

  • NIST: 57.9%
  • HITRUST: 26.4%
  • Critical Security Controls: 24.7%

3. There's no uniform source of cyberthreat intelligence, according to the survey respondents, although the majority consider word-of-mouth information from peers a key resource.

  • Peers: 68.6%
  • U.S. Computer Emergency Readiness Team: 60%
  • HIMSS resources: 53.8%

4. More than half of respondents cited lack of appropriate cybersecurity personnel as one of the biggest barriers to remediating and mitigating cybersecurity incidents.

  • Lack of appropriate cybersecurity personnel: 52.4%
  • Lack of financial resources: 46.6%
  • Too many application vulnerabilities: 28.6%

Source: Becker's Hospital Review (View full article)

Posted by Dan Corcoran on March 13, 2018 08:07 AM
