US Healthcare: Data Breaches Are Increasingly Common

Uploaded on 2015-04-27 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare, TECHNOLOGY--Hackers

 

Vormetric-LP-Quote-module-2013-1024.jpg

Health care organizations are rethinking their reliance on compliance requirements as the primary way to protect patient data, according to a Harris Poll survey of 920 IT decision makers, which was conducted on behalf of Vormetric.
The survey results indicate that data protection in healthcare organizations has been driven largely by compliance requirements – 54 percent reported compliance requirements as the top reason for protecting sensitive data, and 68 percent rated compliance as very or extremely effective at stopping insider threats and data breaches.
At the same time, more than a quarter of respondents (26 percent) reported that their organization had previously experienced a data breach, and nearly half (48 percent) reported that in the last year their organization had failed a compliance audit or encountered a data breach.
However, the study indicates that priorities are changing, with respondents reporting that compliance is now their second priority for IT security spending at 39 percent. Preventing a data breach ranks first at 53 percent.
In addition, 63 percent of health care IT decision-makers report that their organizations are planning to increase spending to offset data threats.
An overwhelming 92 percent of respondents said their organizations are either somewhat or more vulnerable to insider threats, and 49 percent felt very or extremely vulnerable.
Additionally, 62 percent of respondents identified privileged users, those who have access to all resources available from systems they manage, as the most dangerous insiders. Partners with internal access and contractors ranked second and third.
The top factors driving IT security spending were data breach prevention at 53 percent, fulfilling compliance requirements and passing audits at 39 percent, and protection of financial and other assets at 38 percent.
"There is an evolution in process from a fixation on meeting compliance requirements, to protecting their organizations and patients from the consequences of data breaches," Kessler said. "In effect, they are beginning to protect patients’ data as another element of protecting patients’ health. Frankly, we think we’ll see more health care organizations reset priorities as more breaches lead to financial and legal headaches. Sometimes, lessons need to be learned the hard way."
eWeek: http://bit.ly/1DX7731

« Cyber Insurance: An Ineffective Way of Dealing with Hacks?
Will Biometrics Take Over From Passwords? »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

QATestLab

QATestLab

QATestLab is a leading International software testing company offering a full range of software testing services including security testing.

MaxMind

MaxMind

MaxMind is an industry-leading provider of IP intelligence and online fraud detection tools.

aeCERT

aeCERT

aeCERT is the national Computer Emergency Response Team for the United Arab Emirates.

Ergon Informatik

Ergon Informatik

Ergon Informatik AG is Switzerland's leading provider of customised software solutions and software products including fraud detection and the Airlock web security suite.

Ioetec

Ioetec

Ioetec's mission is to connect users to their IoT devices securely, ensuring these devices remain safe to use in our increasingly connected world.

Improsec

Improsec

Improsec is a fully independent Cyber Security advisory company - we provide knowledge, experience and both strategic and deep technical expertise to our clients.

Internet 2.0

Internet 2.0

Internet 2.0 is a Cyber Security technology company with a core focus on developing affordable but sophisticated cyber security solutions.

Hyperion Gray

Hyperion Gray

Hyperion Gray are a small research and development team focused on innovative work in a variety of areas including Software & Security Research, Penetration Testing, Incident Response, and Red Teaming

National Cybersecurity Agency (ACN) - Italy

National Cybersecurity Agency (ACN) - Italy

The ACN is the National Authority for Cybersecurity in Italy. the Agency promotes public-private initiatives to strengthen the national cybersecurity and resilience posture.

Secure Halo

Secure Halo

Secure Halo has been protecting the intellectual assets and sensitive information of the federal government and private sector for 20+ years, through our proactive approach to risk and cybersecurity.

NMi Group

NMi Group

NMi Group is a global pioneer in mission-critical Testing, Inspection, Certification, and Calibration (TICC) services.

Assura

Assura

Assura provides innovative cybersecurity advisory and managed services to all industries including government, healthcare, financial, manufacturing, and transportation sectors.

Quantum Dice

Quantum Dice

Quantum Dice is an award-winning venture-backed spinout from Oxford University’s world-renowned quantum optics laboratory.

Novera

Novera

Novera offer security assessment and advisory services to help businesses manage risks from AI, cyber and privacy.

Astra Cybertech

Astra Cybertech

At Astra Cybertech, we're more than just cybersecurity experts - we're your partners in safeguarding your digital assets.

rConfig

rConfig

rConfig is a platform for automated network configuration management and backup. It enables quick rollbacks to prevent outages and ensures easy auditing.