Brief

Healthcare organizations stepping up security spending in 2017

Dive Brief:

  • Increasing use of digital technologies has put more health data at risk, from smartphones to internet of things devices, propelling investment to curb cybersecurity threats, a new survey suggests.
  • About 80% of U.S. healthcare organizations and 76% globally plan to increase data security spending in 2017, according to the 2017 Thales Data Threat, Healthcare Edition.
  • Many healthcare organizations said they are deploying such technologies on a broad scale, 69% adopting software-as-a-service, 59% big data, 46% mobile technologies and 35% internet of things.

Dive Insight:

Compliance was the chief driver of security spending among U.S. healthcare organizations (57%), while data breaches (39%) and protecting reputation and brand (39%) led concerns globally.

To protect sensitive data in the cloud and other container environments, most organizations rely on encryption. Sixty-five percent of U.S. healthcare organizations and 58% of global organizations said they encrypt data in the cloud. Similarly, 59% of U.S. and 58% of global organizations opted used encryption to secure sensitive internet of things data.

“Globally, healthcare companies are under pressure,” said Peter Galvin, vice president of strategy at Thales e-Security, citing increasing use of advanced technologies. “For healthcare data to remain safe from cyber exploitation, encryption strategies need to move beyond laptops and desktops to reflect a world of internet-connected heart-rate monitors, implantable defibrillators and insulin pumps. Adhering to the status quo will create vulnerabilities that lead to breaches, and further erode customer trust.”

A report by the Government Accountability Office released earlier this month urged the federal government, including HHS, to strengthen its cybersecurity capacity, particularly around electronic health records and state-based health insurance exchanges. Among other things, the report called on agencies to enhance detection of and response to cyber incidents and boost oversight of personal information.

Filed Under: Health IT