Private medical practices lag behind hospitals in performing risk analysis and implementing information security controls, a survey by the Healthcare Information and Management Systems Society (HIMSS) found.
According to the 2010 HIMSS Security Survey, sponsored by Intel and supported by the Medical Group Management Association, 33% of medical practices said they did not conduct a security risk analysis of their electronic health records, compared with only 14% of hospitals. Overall, 75% of all respondents did conduct a security risk analysis of their organizations.
Read more on InfoSecurity.