Survey: Spending on Security Up
And organizations apparently are equally concerned about dealing with internal and external threats.
Asked to pick their single greatest security concern, "unauthorized access to clinical applications and patient data" tied with "breach of confidential information" for the top spot, each cited by 38 percent.
It's somewhat reassuring to see that the No. 2 information technology investment priority this year is security.
Unfortunately, a third of respondents say they are unable to track inappropriate access to patient records to help detect internal breaches. So there's still plenty of work to do to improve security.
A whopping 97 percent of those surveyed said the HIPAA and HITECH regulations are driving their I.T. purchasing decisions to some degree, but only 15 percent call them "the primary drivers." Another 29 percent say HIPAA and HITECH "are an influence," and 53 percent say they are "strongly considered." The biggest challenges in complying with the HITECH Act are educating employees and paying for "costly updates," the survey shows.
Imprivata, a company that specializes in security, conducted the online survey, which attracted 600 responses from a list of "thousands of healthcare industry contacts," a company spokesman says. The participating organizations were primarily hospitals, but clinics were represented as well. Those who responded had a wide variety of titles, ranging from CIO to chief medical officer.
Not surprisingly, electronic health records are the top IT investment priority this year, according to the survey. With the HITECH Act providing funds for Medicare and Medicaid incentive payments for using EHRs starting next year, many organizations are scrambling to get a piece of the action. It's somewhat reassuring to see that the No. 2 information technology investment priority this year is security.
Asked about the method of authentication they're using, 83 percent of those surveyed say they rely on application passwords, but many selected multiple methods. For example, 37 percent use biometrics and 35 percent use facility access cards.
Although they still rely heavily on passwords, 90 percent of those surveyed say passwords and the time it takes to access patient data impact physician satisfaction "very much" or "somewhat."
So has your organization been able to win additional funding for information security this year? What was the key to winning that support? We'd like to hear from you.