Healthcare Information Security Today: 2011 Survey Executive Summary
Safeguarding Patient Information: Unfinished Business
What are the top information security challenges facing healthcare organizations today? Where are organizations most vulnerable, and what are their top security priorities for the year ahead?
For answers to these questions and more, check out the Healthcare Information Security Today webinar. Howard Anderson presents an overview of the survey's top findings, then leads an expert panel in a discussion of key topics such as:
- What's the best way to win support for more funding of information security initiatives?
- What are the most important steps to take to minimize security threats and avert breaches?
- What are the critical elements of a security awareness and training program?
See Also: From Risk Analysis to Risk Reduction: A Step-By-Step Approach
For decades, healthcare has lagged behind other industries when it comes to implementing information technology. Now that healthcare is playing catch-up, thanks, in large part, to federal funding provided by the HITECH Act, it faces the challenge of ensuring the privacy of newly digitized healthcare information.
In this overview of the Healthcare Information Security Today survey results, we cover:
Key Threats and Mitigation Steps
Staff mistakes and insider threats are top concerns, and organizations are investing in technologies, such as audit logs and mobile device encryption, to help mitigate these vulnerabilities.
Compliance: Keeping Up is a Challenge
Improving regulatory compliance is the No. 1 security priority for the year ahead, and organizations say they still have lots of work to do to meet the requirements of HIPAA and the HITECH Act.
Resources: Budget and Staffing Woes
Winning financial support for technology and staff investments is a continuing challenge, and many clinics, hospitals and other healthcare organizations lack a documented information security strategy.
Cloud Computing: Untested Waters
Roughly one-third of organizations are using cloud computing, with others citing concerns about security issues and HIPAA compliance.
Business Continuity: Status Report
Although virtually all organizations have a business continuity plan in place, a minority update or test their plan annually.
Following the survey overview, Anderson convenes a panel discussion of the findings. Panelists include:
- Adam Greene, partner at the law firm Davis Wright Tremaine and a former HIPAA-enforcement official at the HHS Office for Civil Rights;
- Christopher Paidhrin, security compliance officer at PeaceHealth Southwest Medical Center in Vancouver, Wash;
- Bob Krenek, senior director at Experian Data Breach Resolution.