With the dramatic number of security breaches over the last few years, it should come as no surprise that the healthcare industry has plans to increase spending on IT security. An article over at CIO talks about just how necessary the increase in IT security spending really is.
According to a survey released this Tuesday, 81 percent of U.S. healthcare companies plan to increase security spending this year, compared to an overall industry average of 73 percent.”
The intent of the healthcare industry to up their spending on IT security has increased 21% from last year, indicating that companies are well aware of the potential of a security breach to occur and their need to protect their organization from suffering the same fate as many have in the past.
The higher interest in improving security is likely due to a combination of increased awareness of both data breaches and risks of ransomware, as well as increased regulatory oversight, said Jim DeLorenzo, solutions marketing manager at Thales e-Security, which produced the report.”
While the healthcare industry is becoming more alert to the dangers of data breaches, it is worth noting that the actual breach incident rate is lower in the healthcare industry than in other industries. Although the healthcare industry does not see the highest number of breaches, that does not mean organizations should not take protecting their patients’ health information seriously. Auditors are cracking down harder than ever on healthcare companies in terms of HIPAA compliance, with regulators suggesting the number of audits will increase right alongside an increase in penalties.
For example, earlier this month, the Children’s Medical Center of Dallas agreed to a $3.2 million settlement for ignoring security recommendations and not encrypting patient records.”
It is not too late to improve your company’s IT security! Ensuring employees are properly trained on HIPAA practices is a great way to reduce the chance of facing a security breach. Conducting a yearly risk assessment is another great way to ensure your company is aware of HIPAA requirements and how to properly comply with these standards.