Electronic health records (EHRs), mobile communication devices, and patient portals are among the top health data security concerns cited by health care professionals, according to a survey by the MedData Group.
The survey, which included responses from 272 health care professionals, examined the top security concerns among hospital administrators, health IT professionals, and physicians.
The Top 10 IT challenges of 2015
The survey found the top three threats to security cited by respondents overall were:
- Malicious outsiders, cited by 68% of respondents;
- Compromised applications, cited by 65%; and
- Application, system, or network failures, cited by 40%.
Email and messaging systems were named by respondents as the top information assets that pose a security risk, with about 75% of hospital administrators and health IT professionals saying the systems are major threats, compared with 50% of physicians.
The other information assets named as representing key threats to respondents' organizations were:
- EHRs, cited by 51% of all respondents;
- Mobile communication devices, cited by 46%; and
- Patient portals, cited by 32%.
When asked about their organizations' ability to counter cybercrime, physicians and hospital administrators gave at times varying responses:
- 21% of physicians rated their practices as below average, compared with 8% of hospital administrators and health IT professionals;
- 38% of physicians rated their practices as adequate, compared with 46% of administrators and health IT professionals;
- About one-third of respondents from each group rated their organizations as above average; and
- 11% of physicians rated their practices as excellent, compared with 14% of administrators and health IT professionals.
Most large health organizations have already been hacked—twice
Meanwhile, the survey found respondents' motivations for securing sensitive data varied. For example:
- 83% of respondents cited the need to comply with standards and regulatory requirements;
- 44% cited the ability to respond to cyberthreats; and
- 36% cited the ability to quickly recover from a breach incident (Snell, Health IT Security, 7/2; Hall, FierceHealthIT, 7/6).
Next in the Daily Briefing
Should patients be paid to be healthy?