Healthcare organizations stepping up security spending in 2017
- Increasing use of digital technologies has put more health data at risk, from smartphones to internet of things devices, propelling investment to curb cybersecurity threats, a new survey suggests.
- About 80% of U.S. healthcare organizations and 76% globally plan to increase data security spending in 2017, according to the 2017 Thales Data Threat, Healthcare Edition.
- Many healthcare organizations said they are deploying such technologies on a broad scale, 69% adopting software-as-a-service, 59% big data, 46% mobile technologies and 35% internet of things.
Compliance was the chief driver of security spending among U.S. healthcare organizations (57%), while data breaches (39%) and protecting reputation and brand (39%) led concerns globally.
To protect sensitive data in the cloud and other container environments, most organizations rely on encryption. Sixty-five percent of U.S. healthcare organizations and 58% of global organizations said they encrypt data in the cloud. Similarly, 59% of U.S. and 58% of global organizations opted used encryption to secure sensitive internet of things data.
“Globally, healthcare companies are under pressure,” said Peter Galvin, vice president of strategy at Thales e-Security, citing increasing use of advanced technologies. “For healthcare data to remain safe from cyber exploitation, encryption strategies need to move beyond laptops and desktops to reflect a world of internet-connected heart-rate monitors, implantable defibrillators and insulin pumps. Adhering to the status quo will create vulnerabilities that lead to breaches, and further erode customer trust.”
A report by the Government Accountability Office released earlier this month urged the federal government, including HHS, to strengthen its cybersecurity capacity, particularly around electronic health records and state-based health insurance exchanges. Among other things, the report called on agencies to enhance detection of and response to cyber incidents and boost oversight of personal information.