Dive Brief:
- Of late, cyberattacks against healthcare organizations have been rising, according to the FBI. The agency's report comes in the wake of the substantial breach experienced by Community Health Systems, in which cybercriminals stole non-medical data on 4.5 million patients.
- A new Ponemon Institute study of 567 US executives from various industries, who were asked about their readiness for data breaches, found that 73% of respondents had a data breach plan in place. The executives included 13% who were in healthcare/pharma.
- However, despite their confidence, only 30% of execs said their organization was "effective" or "very effective" at developing and executing a data breach response plan.
Dive Insight:
To improve their capacity for fighting off data breaches, execs concede, they need to take several steps. This includes assigning staffers with heavy security expertise to their team, conducting more data breach response "fire drills," dedicating a budget to data breach preparedness and boosting participation and oversight from senior execs.
Ponemon chair Larry Ponemon, for his part, recommends that organizations do data breach readiness testing, have their data breach response plans reviewed by outside experts, and to involve their board of directors in security planning.
As other experts have noted, the key for healthcare organizations is to see to it that senior executives are significantly involved and see security as a strategic priority. Otherwise, health leaders are unlikely to budget enough to address even routine security protections.