Dive Brief:
- A recent survey of 1100 senior IT security executives by Vormetric, a data security company, found that 96% felt vulnerable to data threats, and 63% have experienced a data breach.
- Almost 70% of the survey respondents said meeting compliance requirements is "very" or "extremely" effective in protecting data.
- HIPAA compliance is not the end-all for healthcare IT security, said study author and senior analyst of information security at 451 Research Garrett Bekker adding, "being compliant doesn't necessarily mean you won't be breached and have your sensitive data stolen."
Dive Insight:
Vormetric, which partnered with 451 Research to conduct the survey, reported 60% of the respondents are spending more on enhanced data protection, and 46% plan to implement data security tools that meet industry best practices.
"IT security professionals are spending heavily on what has worked for them in the past," Bekker said in a prepared statement. "They are continuing to invest in defenses like network and endpoint security offerings that offer little help in protecting data once perimeters have been breached."
More than 60% of respondents said compliance was the main reason to secure data, while 49% said reputation and brand were ranked first.
The survey found more than 50% of respondents pointed to misconceptions about the complexity of data security as the biggest hurdle to adopting better practices, and 38% said it was staffing issues. Other factors included no support from their organization (33%) and lack of funding (30%).
Tina Stewart, Vormetric's vice president of marketing, said in a statement that healthcare organizations must prioritize the safety of patient data and privacy and realize that meeting compliance requirements is just the first step in healthcare IT security.