Top healthcare IT executives say their organizations’ board members and senior leaders are paying more attention to data security concerns.

But at the same time, few organizations have a fully functional security program, say about 200 chief information, security and technology officers who participated in the survey, conducted by KLAS Research and the College of Healthcare Information Management Executives.

Only 16 percent of responding providers reported having a robust security initiative, and most of those were large hospitals or integrated delivery systems.

Also See: CIO and CMIO roles will continue to evolve in 2017

Some 41 percent of respondents reported that their organizations are developing a program and starting implementation; smaller hospitals and physician practices lag, survey results indicate.

According to the survey, 42 percent of responding organizations have a vice president or C-level person in charge of cybersecurity, and 62 percent of respondents report having quarterly security discussions with their boards.

“As healthcare continues to march toward greater integration and information sharing across the continuum, we must become more vigilant in protecting data networks,” says Russell Branzell, president and CEO of CHIME. “Security has to be seen as an organizational priority. It is encouraging to see more C-level executives and boards taking greater responsibility for the issue.”

Russell Branzell
Russell Branzell

More than half of respondents say their organizations are using encryption to secure information on networks; 42 percent are using antivirus/malware technology; and nearly two-thirds report using security information and event management technology (SIEM) to detect phishing and ransomware attacks. Significantly, 75 percent follow the NIST Cybersecurity Framework.

Also See: 13 top paying cloud and security jobs for 2017

The study also includes provider experiences in such security areas as data loss prevention, identity and access management, mobile device management and SIEM. The report is available here for free; registration is required.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access