Email worries: Providers name their top health data security risks

Most worry about compromised applications, hackers

Electronic health records (EHRs), mobile communication devices, and patient portals are among the top health data security concerns cited by health care professionals, according to a survey by the MedData Group.

The survey, which included responses from 272 health care professionals, examined the top security concerns among hospital administrators, health IT professionals, and physicians.

The Top 10 IT challenges of 2015

Survey findings

The survey found the top three threats to security cited by respondents overall were:

  • Malicious outsiders, cited by 68% of respondents;
  • Compromised applications, cited by 65%; and
  • Application, system, or network failures, cited by 40%.

Email and messaging systems were named by respondents as the top information assets that pose a security risk, with about 75% of hospital administrators and health IT professionals saying the systems are major threats, compared with 50% of physicians.

The other information assets named as representing key threats to respondents' organizations were:

  • EHRs, cited by 51% of all respondents;
  • Mobile communication devices, cited by 46%; and
  • Patient portals, cited by 32%.

When asked about their organizations' ability to counter cybercrime, physicians and hospital administrators gave at times varying responses:

  • 21% of physicians rated their practices as below average, compared with 8% of hospital administrators and health IT professionals;
  • 38% of physicians rated their practices as adequate, compared with 46% of administrators and health IT professionals;
  • About one-third of respondents from each group rated their organizations as above average; and
  • 11% of physicians rated their practices as excellent, compared with 14% of administrators and health IT professionals.

Most large health organizations have already been hacked—twice

Meanwhile, the survey found respondents' motivations for securing sensitive data varied. For example:

  • 83% of respondents cited the need to comply with standards and regulatory requirements;
  • 44% cited the ability to respond to cyberthreats; and
  • 36% cited the ability to quickly recover from a breach incident (Snell, Health IT Security, 7/2; Hall, FierceHealthIT, 7/6).

The takeaway: About 75% of hospital administrators and health IT professionals named email and messaging systems as the top information assets that pose a security risk to their organization, according to a recent survey.


Next in the Daily Briefing

Heroin-related overdose deaths have doubled since 2011

Read now

Join the discussion

Please log in to comment.
Close

Forgot your password?


Not an Advisory Board Member? Click here to register

Close

Members please Log In

LOG IN

Forgot your password?


Not an Advisory Board Member? Click here to register