Threatened with the growing problem of health data breaches, information technology leaders at healthcare organizations are increasing investments this year in their security infrastructures, according to results of a new survey from IT staffing firm TEKsystems.

Security is a growth area in 2016 in terms of healthcare organization IT budgets, respondents indicated. When asked which technology categories will have the biggest impact on their organizations this year, 60 percent of respondents indicated that security was the top priority in their budgets this year, up from 54 percent in 2015.

In the survey, security edged out business intelligence and big data, mentioned by 58 percent of respondents; mobility (55 percent); cloud computing (49 percent); and consumerization of IT/bring your own device (47 percent).

“Security is one of our fastest growing technology areas because nobody wants their company’s name in the paper associated with a data breach,” says Mitch Gardner, northeast regional director for TEKsystems Healthcare Services. “If you look at the other four areas—BI/big data, mobility, cloud computing, and BYOD—they all have a major security component.”

Gardner contends that initiatives related to mobile health and patient engagement are also drivers for continued spending in security, given that wearables and the Internet of Things are beginning to shift how providers care for their patients, bringing with them inherent security vulnerabilities.

Securing data and networks has never been more important for these organizations, because 2015 was a watershed year for healthcare hacking incidents. In fact, healthcare records for one in three Americans were breached last year, with records of 111 million people potentially accessed by hackers, compared with only about 1.8 million individuals in 2014, according to data analysis released last month by cybersecurity vendor Bitglass.

And, with an 80 percent increase in the number of hacks in 2015, health IT leaders are not taking chances as they look to beef up security and increase staffing. When TEKsystems asked HIT executives if they expect 2016 security spending to change, the percentage of IT leaders expecting increases was 73 percent, compared with 70 percent in 2015.

Karsten Scherer, an analyst with TEKsystems, observes that healthcare organizations were definitely concerned about security vulnerabilities last year, but many were not making it a top priority. “It wasn’t that it wasn’t on their radar in 2015, but now they are legitimately doing something about it and implementing tools for intrusion detection and monitoring, while addressing improper use and access,” Scherer says. In addition, he sees mHealth and medical devices getting more attention from providers.

An August 2015 study published in Communications of the ACM found that security remains one of the most important concerns because of to the potential risks of cyberattacks on medical devices. For example, more than two-thirds (69 percent) of respondents said their organization’s IT security does not meet expectations for FDA-approved medical devices.

However, as healthcare organizations try to increase staffing to bolster security, Scherer argues that they are having an increasingly difficult time finding security professionals with the requisite skills and experience. Respondents to this year’s TEKsystems survey said it was hardest to find information security executives, eclipsing project managers, which was last year’s hardest position to fill.

Not surprisingly, when asked whether they expect their IT staff’s security salaries to change this year versus last year, the percentage of IT leaders expecting increases in 2016 was 62 percent versus 59 percent in 2015.

“While core builder positions (i.e., programmers and developers, software engineers) are both critical and difficult to fill, security—critical for all stages of a healthcare IT initiative—has continually increased in importance, and as a result, continues to maintain its priority as the area where the highest percentage of healthcare IT leaders are allocating salary increases,” states TEKsystems’ annual IT forecast, which is based on a survey of nearly 100 HIT leaders including CIOs, vice presidents, directors, as well as hiring managers at healthcare organizations that averaged about $50 million in revenue.

Scherer notes that as security takes on increasing importance for healthcare organizations, there are “some interesting tensions that are beginning to crop up between business executives and traditional IT executives for control.” He concludes that the “old school CIOs are going to have to rise to the challenges or get left behind.”

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access