Lack of Employee Awareness and Education are Greatest Threats to Healthcare Security
Lack of employee awareness and education present the greatest security threat exposure according to responses from 125 health IT executives and professionals participating in the 2017 Level 3 Healthcare Security Study. The study, conducted by HIMSS, was designed to identify and understand high-level IT security concerns in the healthcare industry as the threat landscape continues to evolve, placing the industry's valuable healthcare data and critical care infrastructure at risk.
The survey found:
- Nearly 80 percent of survey participants identified employee security awareness as the source of their greatest concern regarding threat exposure.
- Ninety-five percent of respondents list EHR systems as having the greatest importance for network uptime. Hospital interface systems ranks as the second most important (51 percent) – ahead of remote monitoring for patients (39 percent), communications systems (37 percent) and PACS storage (36 percent).
- The majority of organizations employ multiple risk mitigation practices: 87 percent leverage remote access/secure access controls, 85 percent rely on employee security awareness programs and 75 percent incorporate security consulting services like vulnerability assessments and penetration testing.
- A little more than half of respondents have practices such as DDoS mitigation (56 percent) and/or threat intelligence (55 percent) in place today.