New findings disclose health care security gaps

Trustwave's 2015 Security Health Check Report has been released. The report surveyed 398 full-time health care workers to measure the security complications and flaws facing healthcare in the US. The study shows that 91 percent of technical respondents believe criminals are targeting healthcare organisations at a growing rate, but only 10 percent or less of the IT budget goes toward cyber-security and protecting the highly-sensitive information belonging to their patients.

According to a study by Accenture, the size of the global electronic healthcare record (eHR) system will grow at a yearly rate of 5.5 percent and reach $22.3 billion (£14.6 billion) by the end of 2015. Organisations are continuing to adopt eHR systems to track their patient information as the federal Affordable Care Act gave incentive to move away from paper records. The growing threat surface is creating a crucial need for healthcare businesses to test everything across databases, networks and applications as the industry businesses make the changes.

The Trustwave study also discovered that 79 percent of technical respondents and 77 percent of non-technical respondents are most concerned about losing their patient data above other types of information if their organisation is breached. Seventy four percent of technical respondents have concerns about their organisation getting breached, compared to 51 percent of non-technical respondents. Sixty five percent of non-technical respondents feel that external threats bring more of a concern that insider threats. Over a third (35 percent) of technical respondents said their company doesn't have enough staff and security expertise to dedicate to security.

“Today's health care industry is under attack. From hospitals to physicians to urgent care clinics, health care organisations are swimming in consumer data and must make security a priority in order to protect it,” said Steve Kelley, senior vice president of corporate and product marketing at Trustwave.