Health care organizations are taking steps to enhance their cybersecurity programs to a greater degree than anticipated, according to the newly released 2017 HIMSS Cybersecurity Survey. The majority of organizations measured (71%) allocate specific budget toward cybersecurity. Additionally, 80% of IT leaders measured indicated their organization employs dedicated cybersecurity staff.
"As it was last year, attackers continue to target the health care sector," says Rod Piechowski, senior director of health information systems at HIMSS. "Quality, stress-tested cybersecurity programs are imperative to protecting provider organizations and the patients they care for. This data is encouraging because it shows that many organizations are making security programs a priority; however, there is room for continued improvement. Our hope is that the new research will be an important resource for organizations navigating the complex security landscape."
The 2017 HIMSS Cybersecurity Survey provides insight into what health care organizations are doing to protect their information and assets, in light of increasing cyber-attacks and compromises affecting the health care sector. The 2017 report focuses on the responses from 126 IT leaders who report having some responsibility for information security in a US-based health care provider organization, such as a hospital or long term care facility.
"For this year's report, we decided to take a holistic look at what health care organizations across the sector are doing to enhance their security programs and assess why and how healthcare cybersecurity is unique," says Lee Kim, director of privacy and security at HIMSS. "The report provides industry context and an in-depth analysis of the meaning and relevance of the survey results."
Other key findings from the 2017 survey include the following: