Healthcare News & Insights

The health IT security mistake many organizations make

A recent survey shows that while most healthcare organizations are doing a good job protecting the security of electronic patient information, there are still some that lag behind.

Nearly three-quarters (74%) of organizations conduct a regular security risk analysis to determine potential threats to patient data, according to the 4th Annual HIMSS Security Survey, a recent report by the Healthcare Information and Management Systems Society.

Of course, having a majority of organizations perform those assessments is a good thing – but it also means 26% aren’t assessing their own security vulnerabilities, which could lead to lost or stolen data down the line.

Those that do conduct security assessments are finding them useful – 83% say it helps them determine what security controls to put into place. Assessments are most often conducted once a year (as reported by 49% of organizations), with another 21% performing them every two years, and 8% doing them every six months.

The survey also found that organizations are using a variety of security tools to protect patient data. The most common tools are:

  1. Firewalls (used by 99% of respondents)
  2. User access controls (94%)
  3. Audit logs to record when patient records are accessed and by whom (83%)
  4. Off-site storage (76%)
  5. Disaster recovery tools to prevent lost records (75%)

To read more about healthcare organizations’ security strategies, download the full HIMSS report here.

Subscribe Today

Get the latest and greatest healthcare news and insights delivered to your inbox.

Speak Your Mind