2019 HIMSS Cybersecurity Survey

2019 HIMSS Cybersecurity SurveyHIMSS

Overview: The 2019 HIMSS Cybersecurity Survey provides insight into the information security experiences and practices of US healthcare organizations in light of increasing cyber-attacks and compromises. Reflecting the feedback from 166 US based health information security professionals, the findings of this study distill as follows:

    • A pattern of cybersecurity threats and experiences is discernable across US healthcare organizations
      • Significant security incidents are a near universal experience in US healthcare organizations with many of the incidents initiated by bad actors, leveraging e-mail as a means to compromise the integrity of their targets.
    • Many positive advances are occurring in healthcare cybersecurity practices
      • Healthcare organizations appear to be allocating more of their information technology (“IT”) budgets to cybersecurity.
    • Complacency with cybersecurity practices can put cybersecurity programs at risk
      • There are certain responses that are not necessarily “bad” cybersecurity practices, but may be an “early warning signal” about potential complacency seeping into the organization’s information security practices.
    • Notable cybersecurity gaps exist in key areas of the healthcare ecosystem
      • The lack of phishing tests in certain organizations and the pervasiveness of legacy systems raise grave concerns regarding the vulnerability of the healthcare ecosystem.

Download