DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

82% of Health IT Executives Report Their Organizations Are Not Prepared for the Unexpected

Posted on February 3, 2014 by Dissent

Some intriguing statistics in this survey. I’ll have to find time to reach the actual study before I can comment, though.

MeriTalk, a public-private partnership focused on improving the outcomes of health and government IT, today announced the results of its new report, “Rx: ITaaS + Trust.” Healthcare IT executives agree trusted IT solutions play a key role in enabling IT-as-a-Service (ITaaS), an IT model that helps healthcare providers transform their extended IT infrastructure, improve service levels, deploy healthcare applications more quickly, and reduce costs. MeriTalk’s new report, based on a survey of healthcare IT executives and underwritten by EMC Corporation, quantifies the organizational cost associated with security breaches, data loss, and unplanned outages for healthcare providers – more than $1.6B a year – and provides insight into go-forward strategies.

“Trust has become a board-level business priority. Healthcare organizations have always focused on information security, but today they must do more to protect data and ensure accessibility to meet ARRA HITECH HIPPA requirements.”

Health information is often a target for malicious activity and 61 percent of global healthcare organizations surveyed have experienced a security related incident in the form of a security breach, data loss, or unplanned downtime at least once in the past 12 months.

Based on estimates from health IT executives in the EMC Global IT Trust Curve Survey, these incidents cost U.S. hospitals an estimated $1.6B each year.

  • Security Breaches: Nearly one in five (19 percent) global healthcare organizations has experienced a security breach in the last 12 months at a cost of $810,189 per incident. Health IT executives say the most common causes for breaches include malware and viruses (58 percent); outsider attacks (42 percent); physical security – loss/theft of equipment (38 percent); and user error (35 percent)
  • Data Loss: Nearly one in three (28 percent) global healthcare organizations has experienced data loss in the past 12 months at a total cost of $807,571 per incident. And, of those, more than a third (39 percent) have experienced 5 or more incidences of data loss in the past 12 months. Common causes of data loss include hardware failure (51 percent); loss of power (49 percent); and loss of backup power (27 percent)
  • Unplanned Outages: Almost two out of five (40 percent) global healthcare organizations have experienced an unplanned outage in the past 12 months at a cost of $432,000 per incident. On average, healthcare organizations have lost 57 hours to unplanned downtime over the past 12 months. The most common causes of outages include hardware failure (65 percent); loss of power (49 percent); software failure (31 percent); and data corruption (24 percent)

Providers acknowledge there is more work to be done. Less than one-in-three respondents (27 percent) believe their organization is fully prepared to ensure continuous availability of ePHI during unplanned outages, disaster recovery, or emergency mode operations. And, once an emergency has passed, only 50 percent of respondents are confident in their organization’s ability to restore 100 percent of the data required by SLAs. More than half (56 percent) would need eight hours or more to restore 100 percent of the data. The majority – 82 percent – say their technology infrastructure is not fully prepared for a disaster recovery incident.

Recognizing the importance of trusted IT solutions, organizations plan to focus on encryption of protected health information (55 percent); complying with the security risk analysis EMR Meaningful Use requirements (54 percent); and breach prevention and detection (44 percent).

“Healthcare organizations are making significant IT investments to transform IT infrastructure and ensure that patient information is secure, protected, and highly available,” says Scott Filion, General Manager, Global Healthcare, EMC Corporation. “Trust has become a board-level business priority. Healthcare organizations have always focused on information security, but today they must do more to protect data and ensure accessibility to meet ARRA HITECH HIPPA requirements.”

Of the healthcare organizations who are not currently offering a particular IT capability “as a service,” half plan to do so within the next five years. Many are taking key steps to prepare – including:

— HIPAA Security Risk Analysis as part of EMR Meaningful Use requirements 46%
— Single Sign On and authentication for Web-based applications and portals 44%
— Audit tools and log management 43%
— Encryption for protected health information 42%
— Multi-factor authentication for remote access for clinical staff accessing networks (including ePHI) remotely 35%
— Security analytics to help with breach prevention 32%
— Centralized management and authenticated access to health information 31%
— Data Loss Prevention to monitor the location and flow of sensitive data 29%

The MeriTalk study is based on a survey of 100 health IT executives. The EMC IT Global Trust Curve Study surveyed 283 global health IT executives.

View the video and download the complimentary “Rx: ITaaS+Trust” infographic report today at: http://www.meritalk.com/Rx.

About MeriTalk

MeriTalk is an online community and go-to resource for government and healthcare IT issues – www.meritalk.com. MeriTalk hosts a series of Exchange communities in Big Data, cloud computing, data center consolidation, and cyber security. In addition, MeriTalk develops research studies, manages events, builds applications, and routinely testifies on the Hill on IT and workforce issues.

EMC is either a registered trademark or trademark of EMC Corporation in the United States and other countries.

Related posts:

  • Protect Good Faith Security Research Globally in Proposed UN Cybercrime Treaty
Category: Health Data

Post navigation

← KR: Insurance firms leak personal data
Data for 685 Fairfax students mistakenly posted online →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • McDonald’s McHire leak involving ‘123456’ admin password exposes 64 million applicant chat records
  • Qilin claims attack on Accu Reference Medical Laboratory. It wasn’t the lab’s first data breach.
  • Louis Vuitton hit by data breach in Türkiye, over 140,000 users exposed; UK customers also affected (1)
  • Infosys McCamish Systems Enters Consent Order with Vermont DFR Over Cyber Incident
  • Obligations under Canada’s data breach notification law
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • Air Force Employee Pleads Guilty to Conspiracy to Disclose Unlawfully Classified National Defense Information
  • UK police arrest four in connection with M&S, Co-op and Harrods cyberattacks (1)
  • At U.S. request, France jails Russian basketball player Daniil Kasatkin on suspicion of ransomware conspiracy
  • Avantic Medical Lab hacked; patient data leaked by Everest Group

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • DeleteMyInfo Wins 2025 Digital Privacy Excellence Award from Internet Safety Council
  • TikTok Loses First Appeal Against £12.7M ICO Fine, Faces Second Investigation by DPC
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • How to Build on Washington’s “My Health, My Data” Act
  • Department of Justice Subpoenas Doctors and Clinics Involved in Performing Transgender Medical Procedures on Children
  • Google Settles Privacy Class Action Over Period Tracking App
  • ICE Is Searching a Massive Insurance and Medical Bill Database to Find Deportation Targets

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.