Sixty percent of healthcare IT security executives are increasing spending for better data protection, according to a recent study. Another 46 percent plan to implement data security tools to catch up with industry best practices.
While 96 percent of the 1,100 senior IT security executives polled by Vormetric, a data security company, said they felt vulnerable to data threats, and 63 percent have experienced a data breach in the past, 69 percent felt meeting compliance requirements is "very" or "extremely" effective in protecting data.
But compliance alone does not stop multi-prong cyberattacks, said Garrett Bekker, report author and senior analyst, information security at 451 Research, which partnered with Vormetric for the survey.
"Compliance is only a step towards healthcare IT security," said Bekker in a statement. "As we learned from data theft incidents at healthcare organizations, reportedly HIPAA compliant, being compliant doesn't necessarily mean you won't be breached and have your sensitive data stolen."
Compliance was the main reason to secure data for over 60 percent of the respondents, while reputation and brand were top-ranked for 49 percent.
More than half of the respondents said a misconception about the complexity of data security was one of the biggest barriers to adopting better practices, while 38 percent pointed to staffing issues. 33 percent of the respondents also said there was a lack of support from their organization and another 30 percent didn't have enough funds.
"With the boom in black market sales of healthcare data, the potential for financial harm to patients' privacy and security from inadequately protected data is growing fast," said Tina Stewart, Vormetric's vice president of marketing, in a statement. "For healthcare organizations, they now have to prioritize the safety of patient data and privacy as part of patient care and realize meeting compliance requirements is only a start."