The majority of health IT executives say their organizations have experienced some form of cyberattack in the past two years,according to a survey released Wednesday, Computerworld reports (Mearian, Computerworld, 8/27).
Survey Details
The survey was commissioned by KPMG and conducted by Forbes Insights.
It polled CIOs, CTOs, chief compliance officers and chief security officers at 161 provider organizations and 101 health plans. All responding health care organizations had revenues of at least $500 million (Conn, Modern Healthcare, 8/26).
Want to publish your own articles on DistilINFO Publications?
Send us an email, we will get in touch with you.
Survey Findings
According to the survey, 81% of respondents said their organizations had been subject to at least one cyberattack in the last two years.
The survey found that in the last 12 months:
- 44% of respondents reported between one and 50 cyberattack attempts;
- 38% reported between 50 and 350 cyberattack attempts; and
- 13% reported more than 350 cyberattack attempts (Walsh, Clinical Innovation & Technology, 8/26).
Further, 13% of respondents said they were targeted by cyberattacks about once per day, while 12% said they were targeted about two or more times per week (Computerworld, 8/27).
According to the survey:
- 65% of respondents cited malware as the most common cyberattack;
- 26% cited botnets; and
- 26% cited internal sources of attack (Modern Healthcare, 8/26).
When asked about their top information security concerns:
- 67% of respondents cited malware;
- 57% cited HIPAA violations/compromise of patient privacy;
- 40% cited internal vulnerabilities, such as employee theft or negligence;
- 32% cited medical device security; and
- 31% cited aging IT hardware (Clinical Innovation & Technology, 8/26).
Meanwhile, 25% of respondents said their organizations are not capable of detecting in real time whether their information systems have been compromised or they are unaware if they have the capability.
About two-thirds of payer respondents said their organizations are prepared for a cyberattack, compared with 53% of provider respondents (Goedert, Health Data Management, 8/27).
Cybersecurity Threats Increasing
According to Computerworld, KPMG attributed an increase in security threats among organizations to five things:
- The adoption of digital records and the automation of clinical systems;
- The use of outdated electronic health record systems and clinical applications;
- The ease of electronically transferring personal health information internally and externally via methods, such as mobile devices and cloud services;
- Variations in network systems; and
- The evolving “threat landscape,” which includes more sophisticated cyberattacks
Date: August 27, 2015