US Healthcare: Data Breaches Are Increasingly Common

Uploaded on 2015-04-27 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare, TECHNOLOGY--Hackers

 

Vormetric-LP-Quote-module-2013-1024.jpg

Health care organizations are rethinking their reliance on compliance requirements as the primary way to protect patient data, according to a Harris Poll survey of 920 IT decision makers, which was conducted on behalf of Vormetric.
The survey results indicate that data protection in healthcare organizations has been driven largely by compliance requirements – 54 percent reported compliance requirements as the top reason for protecting sensitive data, and 68 percent rated compliance as very or extremely effective at stopping insider threats and data breaches.
At the same time, more than a quarter of respondents (26 percent) reported that their organization had previously experienced a data breach, and nearly half (48 percent) reported that in the last year their organization had failed a compliance audit or encountered a data breach.
However, the study indicates that priorities are changing, with respondents reporting that compliance is now their second priority for IT security spending at 39 percent. Preventing a data breach ranks first at 53 percent.
In addition, 63 percent of health care IT decision-makers report that their organizations are planning to increase spending to offset data threats.
An overwhelming 92 percent of respondents said their organizations are either somewhat or more vulnerable to insider threats, and 49 percent felt very or extremely vulnerable.
Additionally, 62 percent of respondents identified privileged users, those who have access to all resources available from systems they manage, as the most dangerous insiders. Partners with internal access and contractors ranked second and third.
The top factors driving IT security spending were data breach prevention at 53 percent, fulfilling compliance requirements and passing audits at 39 percent, and protection of financial and other assets at 38 percent.
"There is an evolution in process from a fixation on meeting compliance requirements, to protecting their organizations and patients from the consequences of data breaches," Kessler said. "In effect, they are beginning to protect patients’ data as another element of protecting patients’ health. Frankly, we think we’ll see more health care organizations reset priorities as more breaches lead to financial and legal headaches. Sometimes, lessons need to be learned the hard way."
eWeek: http://bit.ly/1DX7731

« Cyber Insurance: An Ineffective Way of Dealing with Hacks?
Will Biometrics Take Over From Passwords? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Cyber Conflict Studies Association (CCSA)

Cyber Conflict Studies Association (CCSA)

Cyber Conflict Studies Association (CCSA) is a non-profit organization dedicated to leading a diversified research agenda in the field of cyber conflict.

Qualys

Qualys

Qualys is a pioneer and leading provider of cloud security and compliance solutions.

SoftLock

SoftLock

Softlock is a regional leader in Information Security providing solutions, consulting, integration and testing services to protect information assets, identities and supporting infrastructure.

IoT Defense

IoT Defense

IoT Defense (IOTD) is a cybersecurity and networking company building solutions that enable the protection of networks and the ever-increasing prevalence of IoT devices.

OXO Cybersecurity Lab

OXO Cybersecurity Lab

OXO Cybersecurity Lab is the first dedicated cybersecurity incubator in the Central & Eastern Europe region.

Threat Status

Threat Status

Threat Status are a Threat Intelligence company. We are the developers of Trillion. A cloud based Security As A Service (SaaS) platform.

Financial Services Information Sharing and Analysis Center (FS-ISAC)

Financial Services Information Sharing and Analysis Center (FS-ISAC)

The Financial Services Information Sharing and Analysis Center is the only global cyber intelligence sharing community solely focused on financial services.

Otorio

Otorio

OTORIO delivers industrial cybersecurity and digital risk-management solutions and services. We help our customers to keep their revenue-generating operations resilient, efficient, and safe.

Network Perception

Network Perception

Network Perception proactively and continuously assures the security of critical OT assets with intuitive network segmentation verification and visualization.

IriusRisk

IriusRisk

IriusRisk is an open Threat Modeling platform that automates and supports creating threat models at design time.

Finesse Global

Finesse Global

Finesse is a global system integration and digital business transformation company.

SYN Ventures

SYN Ventures

SYN Ventures invests in disruptive, transformational solutions that reduce technology risk.

ExchangeDefender

ExchangeDefender

ExchangeDefender provides cybersecurity services that secures your company email and data, and guarantees 24/7 email access.

Purple Team

Purple Team

Purple Team is an expert cybersecurity and managed security service provider focused on arming your IT infrastructure with both red team and blue team services.

Revytech

Revytech

Revytech is a tech company providing services in a broad range of areas including IT operations, cyber security and network engineering.

Relyance AI

Relyance AI

Relyance AI - One unified platform for privacy, security, & governance.