Healthcare IT Professionals Making Data Security a Priority

Healthcare Data Security

The health IT spending intentions survey conducted by TechTarget reveals that security is a top priority in the healthcare industry. The healthcare record is a valuable target for hackers and scammers, as it contains personal information, medical history and payment information.

TechTarget's survey shows that security is at the top of the list in terms of investments by healthcare IT professionals for a second consecutive year. Scott Wallask, SearchHealthIT's editorial director, says that the number of high profile breaches in 2015 might increase the industry's security spending even more. Of note, Hollywood Presbyterian Medical Center in California paid $17,000 in bitcoin in response to a ransomware attack.

The Hollywood Presbyterian breach and others like it have forced healthcare IT workers to dig deeper in their search for technology to protect healthcare data. "We're looking at products that are more innovative in terms of how they're trying to figure out what anomalies are going on in their network," said David Higginson of Phoenix Children's Hospital.

TechTarget's survey of 181 professionals from hospitals, providers, and insurance carriers found that other technologies making their way into healthcare are not being forgotten. An infographic from the survey shows that 83 percent of these professionals plan to increase their security investment over the next year, investing specifically in business intelligence and analytics, HIPAA compliance, EHR software and mobile health.

HIPAA compliance is seeing a boost in investment as a result of compliance audits beginning this year at the order of the Department of Health and Human Services' Office for Civil Rights (OCR). These audits take a close look into compliance with HIPAA privacy, security and breach notification rules with the intention of enforcing federal healthcare privacy law.

Rob Rhodes, advisory board member of the Association for Executives in Healthcare Information Security, called 2015 the year of the breach in the wake of a high volume of attacks on healthcare data. He coined 2016 as the year of the ransomware attack, hardly a better moniker.

OCR officials announced the launch of HIPAA compliance audits in March at the HIPAA Summit in Washington, D.C. Once OCR receives a response from a healthcare organization, it then sends surveys to learn about each organization. After analysis of the survey, OCR selects a representative sample of about 200 audit subjects.

"This is the long awaited start of the tortoise moving across the start line," said David Holtzman, VP of compliance at CynergisTek, Inc. in Austin Texas. Finally, the OCR's audits are allowing the federal government to take the issue of data breach in the healthcare industry seriously.

Just two years ago, the general public did not seem to know or care about the data breach issue in healthcare, but the game has changed. Rhodes says that patient trust is going to be an advantage in the future, that good performance in an audit could be used as a marketing tool.

HIPAA audits have arrived, and with them a steady increase in the investment of HIPAA compliance. Healthcare organizations are taking the threat of data breach more seriously, and that is good news for the American public.

Client Success

MetroHealth System Logo
  • 50% reduction in time to deploy Giva's change, incident, problem, asset management and knowledgebase modules
  • 60% reduction in the 5 year Total Cost of Ownership (TCO)
  • Saved at least 1 FTE due to lower ongoing administration
  • Saved 1 week per month due to easy to use reports
Athens Regional Health System Logo
  • Increased to 90% achievement in meeting service level agreements
  • 70% reduction in generating reports and admin; eliminated 35 hours/month
  • 50% faster to create/assign a service request
  • 60% increase in information captured during the initial phone call
  • 50% increase in the number of service requests created due to intuitive design
Santé Health Systems Logo
  • 80% increase in productivity by using Giva's dashboards and reports
  • 60% increase in meeting service level agreements
  • 45% increase in the number of the calls logged due to Giva's intuitiveness and ease of use
  • 50% increase in productivity by using Giva's integrated custom forms