Healthcare organizations need to take a proactive stance to guard against cyber threats, according to IDC Health Insights, a global health IT firm, in a recent report.
With electronic health data more widely available, healthcare entities are at greater risk than ever of a cyber attack, according to the report. This risk increases as the value of health information, used to commit medical fraud, is surpassing the value of social security and credit card numbers on the black market.
The report shared the following findings:
- After physical loss or theft of devices, malicious hacking or IT incident was the most common breach reported to the federal government. In 2013, 20 (out of 175) breaches related to hacking or an IT incident.
- All respondents reported that they had experienced a cyber attack in the past 12 months; 39.4 percent reported that they were attacked more than 10 times and 27.1 percent of the attacks were reported as successful.
- Security is a top IT initiative for healthcare providers; security and risk management technologies was the top initiative for 29 percent of respondents.
- 25 percent of cyber attacks impacted normal business operations, with most respondents (52.2 percent) indicating that the shortest impact lasted less than an hour and 43.3 percent reporting the longest duration as between 8 and 24 hours.
- Most healthcare executives reported that their spending on cyber threats increased (59.6 percent) or stayed the same (38.3 percent) over the past three years.
- Surveyed consumers reported a willingness to end a healthcare relationship after a breach, including changing their care providers (21.6 percent) and changing health plans (5 percent).
"For healthcare organizations, it's not a matter of if they are going to be attacked but when. Healthcare cyber security strategies need to take a comprehensive approach and include not only react and defend capabilities, but also predict and prevent capabilities to effectively thwart cybercriminals,” said Lynne A. Dunbrack, research vice president, IDC Health Insights, in a statement.