FRANKLIN, Tenn., Dec. 11, 2017 /PRNewswire-iReach/
Today Fortified Health Security, a leader in information security, compliance and managed services focused solely in the healthcare industry, released its 2018 Horizon Report. This extensive report details the current state of cybersecurity in healthcare, new and existing threats and predictions for 2018.
"Just as the Enron scandal of the early 2000s triggered a change in accounting standards, experts predict that the Equifax breach of 2017 will have a similarly significant impact on the healthcare industry," said Dan L. Dodson, president of Fortified Health Security. "One report suggests that over 40 percent of consumers would abandon or hesitate to use a healthcare organization if it had been hacked.*"
Healthcare organizations must strike a balance between enabling patient engagement initiatives and securing patient data. Unfortunately, there is no simple fix for this complex challenge. Organizations must develop and execute the fundamentals of security first, before exploring advanced solutions. This requires a defensive in-depth approach to cybersecurity that is grounded in a detailed HIPAA Security Risk Analysis and a companion corrective action plan.
2017 Year in Review
The Horizon Report provides a review of the state of cybersecurity in 2017 with a focus on the increase in the frequency of breaches in the healthcare industry. According to data provided by The Office for Civil Rights (OCR), hacking continues to be the biggest cause of breaches for the sixth year in a row. This year, 40 percent of all breaches were caused by hacking, which is a 10 percent increase over full year 2016.
"These numbers validate the fear of many organizations that hackers have momentum and breaches are happening more often than ever before," said Dodson. "This breach data underscores the importance of a solid security program focused on the fundamentals of patching and employee education. Having a well-executed security program can significantly decrease the chance of a large-scale breach."
2017 Security Risk Analysis Trends
In 2017, Fortified conducted a security risk analysis, OCR mock audits, HITRUST certifications and strategic security planning for the majority of its clients. Although varied in size, revenue, network complexities and geography, three common trends were identified: 1) Policies and procedures are weak, or don't align with the actual implementation of safeguards; 2) Organizations lack concise asset inventories; 3) There is a lack of well-structured vulnerability management programs.
"It's evident from this analysis that although healthcare organizations are busy with EHR transitions and upgrades, movements to the cloud and other IT and security projects, it is imperative that a priority be set on getting back to the fundamentals of risk management and good cybersecurity hygiene," said Dodson. "We must commit ourselves if we want and expect to improve."
Looking Ahead: Cybersecurity Outlook for 2018
The Horizon Report reviews Fortified's predictions for 2017 and how they fared against reality, while providing a summary of lessons learned during the past year. The report also takes a look at what healthcare organizations can expect to experience regarding cybersecurity in 2018. Some of these predictions include:
- Double digit increase in breaches
- More variants of Wannacry ransomware
- Breaches due to business associate neglect on the rise
- Increased threat to IoT devices
"2017 showed us that we can no longer treat security as an IT problem: instead we must recognize it as a business issue and deal with it accordingly," said Dodson. "Patch management programs are imperative and should be implemented alongside corrective action plans. And, moving forward, healthcare organizations must show progress against compliance standards."
Fortified Health Security's Horizon Report can be downloaded here.
ABOUT FORTIFIED HEALTH SECURITY:
Fortified Health Security is a leader in information security, compliance and managed services, focusing exclusively on helping healthcare organizations overcome operational and regulatory challenges. Founded in 2009, Fortified has established a heritage of excellence, compliance and innovation. Today, Fortified Health Security partners with healthcare organizations across the continuum, serving health systems, single hospital entities, physician practices, post acute providers, payors and business associates.
For more information, visit fortifiedhealthsecurity.com or call (615) 600-4002.
*Source: Top Healthcare industry issues of 2016: The New Health Economy, PwC Health Research Institute
Media Contact: Kristin Deuber, Golden Spiral Marketing, (614) 975-4186, kristin.deuber@goldenspiralmarketing.com
News distributed by PR Newswire iReach: https://ireach.prnewswire.com
SOURCE Fortified Health Security
