HIMSS has released its 2019 Cybersecurity Survey, generally finding improved cybersecurity awareness among healthcare organizations. Healthcare providers are devoting more funding to IT and taking advantage of the growing number of healthcare-specific solutions like Nuance’s Dragon Medical Virtual Assistant or OneBio’s blockchain platform.
However, the survey also highlighted some glaring flaws in healthcare security, many of which can be traced to the widespread prevalence of legacy systems. Despite the dangers, most healthcare organizations (69 percent) are still using some form of outdated tech in their networks.
“Operating systems that have been unsupported for five, ten, or more years – decades, in some cases – greatly increases a healthcare organization’s risk of being compromised,” said Rod Piechowski, the senior director of health information systems at HIMSS.
What’s worse, many of those organizations are not taking the appropriate measures to combat known security threats. Healthcare providers are regularly the targets of phishing scams, yet a full 36 percent indicated that they do not conduct any kind of testing to reduce the chances of a successful attack.
“It is incumbent on healthcare leaders to ensure internal personnel have the training and resources needed to ensure robust internal information security practices are in fact practiced,” added Piechowski. “Organizations not conducting phishing tests create a vulnerability for those parts of the ecosystem they touch.”
HIMSS found that bad actors are still involved in the majority of security breaches, which only reinforces the need for greater vigilance in order to safeguard health and patient information.
February 15, 2019 – by Eric Weiss