HIMSS conducted a research on healthcare centers few weeks back. The research postulated that majority of healthcare organization are have increased their spending for security purpose. However, many of the centers’ allocated budgets still fall short.
Researcher of this survey also highlighted that healthcare groups are employing more IT experts that can tackle such risks. Survey findings were published at theHealthcare IT News/HIMSS Media Privacy & Security Forum in Boston.
For the last five years, healthcare centers has been continued to increase these expenses to make their EMR system more secure. But now this percentage is growing at rapid fast rate. Senior director of privacy and security for HIMSS says “Over the last five years, we see a significant portion of the organizations say that their privacy and security funding is between 1 and 3 percent of their budget.”
Bob Krenek, senior director at Experian Data Breach Resolution, also commented on this issue in critical way, he says that technology advancement is not always a major concern of security and privacy matters, but lack of policy procedures is a real issue. “Policy is as important as putting the programs in place,” he says. He also added that most of the healthcare organizations don’t take seriously data breaches for unknowing staff, who are suppose to make the calls and follow defined data breach procedure.
In 2009, about 20 million patient’s record have been illegally compromised in healthcare data breaches, according to Department of Health and Human Service. What’s even more alarming, Gallagher adds, is that “data breaches involving 499 or fewer are not counted in the HHS final count.” She observed that about 40-45 million patient records might have been breached. She didn’t confirm the numbers, as the data isn’t all there
Other survey findings include:
- Approximately 43 percent of survey respondents test their data violate response plans, 81 percent saying that they test their plans annually.
- About 78 percent of respondents test their security plan annually.
- About 90 percent of healthcare centers conduct regular risk analysis in contrast with the 65 percent of medical practices that do so.
- Data and security software is extensively used in among hospitals and healthcare centers. 97 percent firewall tool and about 92 percent user have access controls. 71 percent of respondents have used Wireless security protocols, offsite storage, disaster recovery and electronic signatures.
- There were certain tools that had lower adaptation rates, specifically, among medical practices. Intrusion, detection and prevention tools are usually used by only 36 percent out of 71 percent.