HIPAA Report Reveals Healthcare's True Security Posture (Hint: It's Bad)

Survey helps bring to light the gap between assumption and actual HIPAA security progress

News provided by

SecurityMetrics

Oct 14, 2015, 08:03 ET

OREM, Utah, Oct. 14, 2015 /PRNewswire/ -- A significant security disparity exists among healthcare c-suite and IT departments, outlined by the SecurityMetrics HIPAA Security Rule Report. In a survey of c-level, risk officers, and IT managers, a 10-20% gap was revealed between what executives believe is happening in regards to patient data security in the organization, and the reality.

SecurityMetrics' HIPAA report was specifically designed to help compliance, risk, and IT professionals understand the largest security risks in healthcare, but also to help provide proof for those looking to increase HIPAA and security budgets in 2016.

"The healthcare industry is significantly less secure than executives think," said HIPAA Security Analyst Brand Barney. "But with more cyber attacks happening each day, it's becoming critical for health organizations to be HIPAA compliant."

The report reveals startling details about the status of healthcare security, from the viewpoint of both c-level executives and IT staff implementers.

A few key findings of the SecurityMetrics HIPAA Security Rule Report include:

  • 80% of respondents believe their organization is fully HIPAA compliant, while most surveyed were missing key elements of compliance with the HIPAA Security Rule
  • Only 63% of healthcare organizations encrypt PHI on work devices
  • Only 76% of risk and compliance officers believe their organization would pass an HHS OCR audit
  • A mere 60% of risk and compliance officers say the organization has created a HIPAA Risk Management Plan

The report also gives guidelines to remedy security issues, such as proper encryption, investing in vulnerability scanners, and implementing security policies. The report even outlines a security budget for organizations to use.

Download the SecurityMetrics HIPAA Security Rule Report!

To learn more about SecurityMetrics or HIPAA, contact 801.705.5656, email [email protected] or visit www.securitymetrics.com/hipaa.

About SecurityMetrics (www.securitymetrics.com)
SecurityMetrics is a global leader in data security that enables businesses of all sizes to comply with government, healthcare, and financial mandates. Since its founding date, the company has tested over 1 million systems for data security and compliance. Among other services, SecurityMetrics offers HIPAA compliance services, penetration testing, security consulting, mobile device vulnerability scanning, payment data discovery, and incident response. Founded in October 2000, SecurityMetrics is a privately held corporation headquartered in Orem, Utah. For more information visit www.securitymetrics.com.

Logo - http://photos.prnewswire.com/prnh/20140225/SF71790LOGO  

SOURCE SecurityMetrics

Related Links

http://www.securitymetrics.com

WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?

icon3
440k+
Newsrooms &
Influencers
icon1
9k+
Digital Media
Outlets
icon2
270k+
Journalists
Opted In
GET STARTED