Cybersecurity is top of mind for health system execs in 2019

Healthcare executives are focused on three areas of health IT in 2019—cybersecurity, telehealth and interoperability—which they believe will have the greatest impact on the industry next year.

Those are among the findings from a new survey of 44 execs representing 38 health systems with average annual revenue of $5.3 billion.

The survey, released by the Center for Connected Medicine in partnership with The Health Management Academy, was the second consecutive year that the organizations collaborated to research the most pressing HIT issues C-suite leaders are anticipating.

“As health system leaders look ahead to the challenges and opportunities of the coming year, they are increasing their spending to defend against cyberattacks, expressing optimism about reimbursement for telehealth services, and feeling anxiety about Apple, Amazon and Google entering the healthcare space,” according to the report.

Cybersecurity remained at the top of the list from last year’s survey, with telehealth and interoperability rising in the 2019 ranking. Last year’s report identified cybersecurity, consumer-facing technology, and predictive analytics as the top three HIT areas of focus for 2018.

“While consumerism and analytics remain hot topics in healthcare, it was not surprising to see telehealth and interoperability rise in the minds of health IT executives for 2019,” states the report. “Policymakers, in particular, have emphasized telehealth and interoperability in the past year, and the threats of cyberattacks and data breaches are constant in healthcare.”

Not surprisingly, spending on cybersecurity will increase for the second year in a row as health systems attempt to bolster their defenses against cybercriminals. In the survey, 87 percent of respondents indicated that they expect to increase spending on cybersecurity in 2019, with nearly half expecting an increase of greater than 5 percent, while no health system is expecting to decrease spending.

Among healthcare execs, the most commonly cited cybersecurity challenge was employee education—62 percent of respondents named “staff” as the greatest potential vulnerability, with phishing and spear-phishing topping the list of the most common types of cyberattacks over the past 12 months.

“Despite increasing financial investment and prioritization of cybersecurity at health systems, executives did not express robust confidence in their organization’s IT recovery and business continuity plans after an attack or breach,” notes the report. “Seven out of 10 respondents reported being ‘somewhat confident’ in their recovery and continuity plans; only 20 percent said they were ‘very confident.’”

HDM-061917-Breaches.png

Also See: Survey finds many providers fall short on security preparedness

Execs in the survey also indicated that a lack of interoperability has made it more difficult for health systems to address certain key IT priorities such as improved efficiency, cost reduction, and advanced analytics. In the “other” category, survey respondents included closing the care gap, collecting longitudinal patient data, and integration with non-owned partners.

While a lack of interoperability was cited as a barrier to achieving certain IT priorities, when execs were asked if their organization’s use of major electronic health record vendors was stifling innovation, 61 percent answered no.

“This was a surprising finding that appeared to conflict with the comments provided by executives in the qualitative interviews,” the report observed. “There also may be some hesitance on the part of informatics executives to admit problems with infrastructure their health systems have spent millions of dollars to stand up.”

Other key findings from the survey include:

  • HIT leaders overwhelmingly expect government and commercial reimbursement to provide the majority of funding for telehealth services by 2022; internal funding and patient payments are expected to provide the majority of funding for telehealth in 2019.
  • 70 percent of responding executives said they were “somewhat concerned” about big tech companies, such as Apple, Amazon and Google, disrupting the healthcare market; 10 percent were “very concerned.”

“Health systems are making the leap to offer telehealth services, despite the nebulous economics of offering such services,” states the report. “Most health system executives interviewed for this study said their health system had not yet calculated a specific return on investment (ROI) for telehealth. But systems are investing anyway as a hedge that future reimbursement will outweigh the potential losses of today.”

When it comes to big tech companies—such as Apple, Amazon, and Google—entering the healthcare space, the overarching concern among execs about these behemoths was their ability to offer a better consumer experience—an area where many health systems are feeling vulnerable.

“The biggest threat is if these companies get between us and the end consumer. If there is a platform regulated and controlled by someone other than us—that makes us nervous,” a CEO commented. “There are many places where some of these new platforms and conveniences can and will likely succeed—we haven’t been good in this space. Going to try very hard to not let that happen and deliver our own capabilities conveniently.”

At the same time, many health system execs expressed the desire to partner with the big tech companies and work with them to transform healthcare.

The research was conducted by the Health Management Academy, a membership organization for execs from the top-100 health systems, in partnership with the Center for Connected Medicine, which is jointly operated by GE Healthcare, Nokia and the University of Pittsburgh Medical Center.

The report can be downloaded here.

For reprint and licensing requests for this article, click here.