The Web-based survey of 196 health care CIOs and others found that about 60% of respondents’ organizations spend 3% or less of their I.T. budget on information security. That level is similar to the results of the same survey a year ago.
Other findings of the survey, conducted by the Chicago-based Healthcare Information and Management Systems Society and sponsored by Symantec Corp., a Mountain View, Calif.-based data security technology vendor, include:
* Only half of respondents said their organization has a plan in place for responding to threats or incidents of a security breach.
* About half reported that their organization has a formally designated chief security officer.
* Some three-quarters said they have conducted a formal risk analysis, but only half of these conduct this assessment annually or more frequently.
* Right now, 67% use encryption to secure data in transmission and less than half encrypt stored data.
* E-mail encryption and single sign-on were the most frequently identified security technologies that organizations plan to install in the months ahead.
* One-third of respondents reported their organization has had at least one known case of medical identity theft.
More information is available at himss.org.
--Howard Anderson
Be the first to comment on this post using the section below.