US Healthcare: Data Breaches Are Increasingly Common

Uploaded on 2015-04-27 in NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-Health & Welfare, TECHNOLOGY--Hackers

 

Vormetric-LP-Quote-module-2013-1024.jpg

Health care organizations are rethinking their reliance on compliance requirements as the primary way to protect patient data, according to a Harris Poll survey of 920 IT decision makers, which was conducted on behalf of Vormetric.
The survey results indicate that data protection in healthcare organizations has been driven largely by compliance requirements – 54 percent reported compliance requirements as the top reason for protecting sensitive data, and 68 percent rated compliance as very or extremely effective at stopping insider threats and data breaches.
At the same time, more than a quarter of respondents (26 percent) reported that their organization had previously experienced a data breach, and nearly half (48 percent) reported that in the last year their organization had failed a compliance audit or encountered a data breach.
However, the study indicates that priorities are changing, with respondents reporting that compliance is now their second priority for IT security spending at 39 percent. Preventing a data breach ranks first at 53 percent.
In addition, 63 percent of health care IT decision-makers report that their organizations are planning to increase spending to offset data threats.
An overwhelming 92 percent of respondents said their organizations are either somewhat or more vulnerable to insider threats, and 49 percent felt very or extremely vulnerable.
Additionally, 62 percent of respondents identified privileged users, those who have access to all resources available from systems they manage, as the most dangerous insiders. Partners with internal access and contractors ranked second and third.
The top factors driving IT security spending were data breach prevention at 53 percent, fulfilling compliance requirements and passing audits at 39 percent, and protection of financial and other assets at 38 percent.
"There is an evolution in process from a fixation on meeting compliance requirements, to protecting their organizations and patients from the consequences of data breaches," Kessler said. "In effect, they are beginning to protect patients’ data as another element of protecting patients’ health. Frankly, we think we’ll see more health care organizations reset priorities as more breaches lead to financial and legal headaches. Sometimes, lessons need to be learned the hard way."
eWeek: http://bit.ly/1DX7731

« Cyber Insurance: An Ineffective Way of Dealing with Hacks?
Will Biometrics Take Over From Passwords? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Intruder

Intruder

Intruder is a cloud-based vulnerability scanner that finds cyber security weaknesses in your digital infrastructure, to avoid costly data breaches.

Quantivate

Quantivate

Quantivate is a provider of web-based Governance, Risk, and Compliance (GRC) software and service solutions.

Ionic Security

Ionic Security

Ionic provide a high-assurance data protection and control platform built on strong encryption, fine-grain control and contextual analytics.

Digital Hands

Digital Hands

Digital Hands is an award-winning managed security services provider.

Lumen Technologies

Lumen Technologies

Lumen is an enterprise technology platform that enables companies to capitalize on emerging applications and power the 4th Industrial Revolution (4IR).

Agesic

Agesic

Agesic is an institution that leads the development of the Digital Government and the Information and Knowledge Society in Uruguay.

Information & eGovernment Authority (iGA) - Bahrain

Information & eGovernment Authority (iGA) - Bahrain

The Information & eGovernment Authority facilitates many services catering to different parts of the community within the IT sector in Bahrain including information security.

SensorHound

SensorHound

SensorHound’s mission is to improve the security and reliability of the Internet of Things (IoT).

Newtech Recycyling

Newtech Recycyling

Newtech Recycyling specializes in the removal and disposal of IT infrastructure which has reached the end of its life cycle.

CyberASAP

CyberASAP

CyberASAP provides expertise, knowledge and support to convert academic ideas into commercial products in the cyber security space.

Riskaware

Riskaware

CyberAware, by Riskaware, provides business-critical cyber attack analysis and impact assessments using NIST standards aligned with NCSC guidance.

Porto Research, Technology & Innovation Center (PORTIC)

Porto Research, Technology & Innovation Center (PORTIC)

PORTIC brings together several research centers and groups from P.PORTO in a single space, forming a superstructure dedicated to research, technology transfer, innovation and entrepreneurship.

Secure Forensics

Secure Forensics

Secure Forensics can assist in any situation that requires digital forensics or an investigation ranging from complex criminal matters to fraud and file tampering to cyber crime.

Gradient Cyber

Gradient Cyber

Gradient Cyber is a trusted cybersecurity partner specializing in small businesses and mid-market enterprises concerned about cybersecurity but lacking the staff to give it the attention it deserves.

Arcserve

Arcserve

Defend your data with Arcserve all-in-one data protection and management solutions designed to be the right fit for your business, regardless of size or complexity.

Lansweeper

Lansweeper

Lansweeper is an IT Asset Management platform provider helping businesses better understand, manage and protect their IT devices and network.