5 ways health systems can improve their cybersecurity in 2018

January 24, 2018
Nick John Head of Compliance and Risk Management

Last year was a discouraging one for healthcare data security, and this year seems to be off to a rocky start as well. With attacks becoming more commonplace and damaging—and with medical information more valuable than ever—healthcare organizations are beginning to put a greater and much-needed focus on protecting patient data. 

According to a survey by KPMG, 47 percent of healthcare providers and health plans said they had faced security-related HIPAA violations or cyber-attacks that compromised patient data in 2017. That’s not a big surprise given that only 35 percent of respondents said they were “completely ready” to protect patient records.

Successful cyber-attacks reported last year included the following:

Of course, these are just a few examples of the security problems healthcare providers faced last year. For a fuller look at incidents taking place last year, you need look no further than the so-called “Wall of Shame,” a record of healthcare security breaches maintained by the HHS Office for Civil Rights. The hundreds of incidents listed there are a reminder of how pervasive such problems have been.

Fortunately, providers are learning from last year’s problems and are taking new approaches to security. Hospitals, medical practices, and their partners have begun to find solutions to some of their biggest data security challenges. Here are five ways health systems are beginning to defend themselves better against malicious actors: 

The truth is, healthcare industry has historically been a little late to the game on cybersecurity for quite some time. In recent years, healthcare IT budgets have accounted for a smaller percentage of revenue than virtually any other industry’s IT spending.

Today, though, most healthcare leaders realize that paying greater attention to cybersecurity is absolutely critical. After all, breaches are very expensive to repair, a public relations nightmare, and a potential legal disaster. 

All told, that healthcare executives are beginning to throw money and staff time at cybersecurity problems is a good thing—once providers have developed more effective approaches to avoiding data breaches, they can stop looking over their shoulder and focus on patient care.

Stay in the know! Subscribe to our newsletter.