Healthcare Security Study - Level 3 Communications

Feb 14, 2017 - ... maintaining a comprehensive security program at their organization. 25. Page 26. Thank you! HIMSS Analytics Advisory Solutions Group.
1MB Sizes 0 Downloads 76 Views
Healthcare Security Study February 14, 2017

Prepared For:

Enabling better health through information technology.

Presentation Outline  Research Purpose and Design  Research Methodology  Respondent Demographics  Research Findings and Results

3

Key Takeaways  Three-quarters of respondents say EHRs are the most reliant on network uptime at their organization  Every technique of security breach mitigation has over a 50% employment rate  

Remote access/secure access control is employed by over 87% of respondent organizations, and internal security awareness programs are employed by over 84% of respondent organizations Next generation firewall is the technique most likely to be employed at organizations within the next year, and cyber threat intelligence (CTI) is the technique most likely to be employed at organizations within the next two years

 78% of respondents identified employee security awareness/culture as the overall biggest concern in terms of security threat exposure, with nearly half of respondents ranking it as the top concern  Slightly more respondents identified competing priorities than budget as an overall greater barrier to achieving a comprehensive security program, but 13% more respondents identified budget as the number one barrier 

Lack of leadership buy-in ranked last in overall rankings, and tied for last in number one rankings

4

Key Takeaways  Respondents have a moderate level of concern towards a security breach occurring within a calendar year at their organization, with an average ranking of 4.8 out of 7  Over half of respondents reported their network provider is highly involved in the security strategy and investments at their organization  Over three-quarters of respondents indicate that network providers should be highly involved with security strategy and investments at their organization

5

Research Purpose and Design

To identify and understand high-level IT security concerns in the healthcare environment Through a web-based, voice-of-customer quantitative study with IT personnel at U.S. hospitals and healthcare systems

6

Research Methodology 

Target Market: U.S. Hospitals and Healthcare Systems, Ambulatory Groups and Facilities



Targeted: IT Leaders, C-Suite Executives, and IT professionals working amongst the healthcare environment 



Contacts via:

Recruitment:  Web study link open between January 17 and February 10, 2017

125

Respondents 7

Respondent Demographics

Patient Respondent Demographics

125 respondents

Work in or alongside the IT department at a healthcare provider organization

53%

87%

Organizations with 500+ beds

21%

C-suite level

Acute Inpatient Hospital/ Healthcare System

49%

Director or Manager of IT

13%

Ambulatory Organizations

30%

IT Security Officers or other IT positions 9

Respondent Demographics Respondent Titles (Grouped)

Respondent Titles Broken Down 4.0%

CCO

20.8%

C-suite

9.6%

CIO

3.2%

CISO

48.8%

Director/Manager of IT

CTO

4.0%

Clinical Informaticist

4.8% 19.2%

Director of IT

4.8%

IT Security Officer

29.6%

Manager of IT

IT Security Officers and other IT positions

30.4%

12.0%

Other IT positions

8.8%

Other (please specify): 0%

20%

N = 125

40%

60%

Other (please spec