Health execs rank employee awareness as greatest cybersecurity concern
Lack of employee awareness and education present the greatest security threat, according the 2017 Level 3 Healthcare Security Study. Even though 85 percent of respondents said they have educational programs in place, nearly 80 percent listed employee awareness as their top threat.
The Level 3 Survey of 125 health IT executives, conducted by HIMSS Analytics, also found that 95 percent of respondents listed electronic health records systems as having the greatest reliance on network uptime. Hospital interface systems ranked second (51 percent), ahead of remote patient monitoring (39 percent), communications systems (37 percent) and PACS storage (36 percent), the study said.
The vast majority of participating organizations employ multiple risk mitigation practices to protect data and systems: remote access/secure access controls (87 percent), employee security awareness programs (85 percent), and security consulting services like vulnerability assessments and penetration testing (75 percent), the study found.
A little over half of respondents in the study have practices such as DDoS mitigation (56 percent) or threat intelligence (55 percent) in place today.
“Healthcare organizations must remain vigilant against cybersecurity threats and leverage all of their resources effectively to ensure every individual knows their role,” said Bryan Fiekers, senior director of research services at HIMSS Analytics. “Security cannot become an out-of-sight, out-of-mind problem.”
Chris Richter, senior vice president, global security services, at Level 3 Communications, added that security threats the healthcare industry faces today are real and only increasing in volume and sophistication as bad actors continue to seek out coveted protected health information.
“Aside from fostering and maintaining a culture of security, which includes regular employee security training, healthcare organizations should implement a security governance framework and appropriate technology controls,” Richter said.