US Healthcare: Data Breaches Are Increasingly Common

 


Health care organizations are rethinking their reliance on compliance requirements as the primary way to protect patient data, according to a Harris Poll survey of 920 IT decision makers, which was conducted on behalf of Vormetric.
The survey results indicate that data protection in healthcare organizations has been driven largely by compliance requirements – 54 percent reported compliance requirements as the top reason for protecting sensitive data, and 68 percent rated compliance as very or extremely effective at stopping insider threats and data breaches.
At the same time, more than a quarter of respondents (26 percent) reported that their organization had previously experienced a data breach, and nearly half (48 percent) reported that in the last year their organization had failed a compliance audit or encountered a data breach.
However, the study indicates that priorities are changing, with respondents reporting that compliance is now their second priority for IT security spending at 39 percent. Preventing a data breach ranks first at 53 percent.
In addition, 63 percent of health care IT decision-makers report that their organizations are planning to increase spending to offset data threats.
An overwhelming 92 percent of respondents said their organizations are either somewhat or more vulnerable to insider threats, and 49 percent felt very or extremely vulnerable.
Additionally, 62 percent of respondents identified privileged users, those who have access to all resources available from systems they manage, as the most dangerous insiders. Partners with internal access and contractors ranked second and third.
The top factors driving IT security spending were data breach prevention at 53 percent, fulfilling compliance requirements and passing audits at 39 percent, and protection of financial and other assets at 38 percent.
"There is an evolution in process from a fixation on meeting compliance requirements, to protecting their organizations and patients from the consequences of data breaches," Kessler said. "In effect, they are beginning to protect patients’ data as another element of protecting patients’ health. Frankly, we think we’ll see more health care organizations reset priorities as more breaches lead to financial and legal headaches. Sometimes, lessons need to be learned the hard way."
eWeek: http://bit.ly/1DX7731

