SANS Announces Results of its Inaugural Health Care Information Security Survey

  /     /     /  
Publicated : 22/11/2024   Category : security


SANS Announces Results of its Inaugural Health Care Information Security Survey


Concerns over negligent insiders were primary among 65 percent of respondents



BETHESDA, Md., Oct. 17, 2013 /PRNewswire-USNewswire/ -- SANS announces results of its inaugural health care information security survey, in which 373 health care IT professionals answered questions about their digital health initiatives, awareness and concerns over risk, and how they are (or are not) managing this risk. The survey was sponsored by Oracle, Redspin, Tenable Network Security and Trend Micro.
The majority of respondents represented IT staff working in some form of clinical setting, including a hospital (32%), physician group practice (12%), rural or critical access hospital (8%) and individual provider (6%). There were also several ancillary services represented, including health plan/payer (17%) and lab and radiology (12%).
While these respondents primarily represented the IT side of health care, their biggest driver for information security is regulatory compliance, says survey author Barbara Filkins. There was also a common theme on securing the human,
emphasizing a need for technical, clinical and compliance staff to work together for effective risk management and compliance.
In the survey, concerns over negligent insiders were a primary among 65%, followed by lack of investment in user awareness (53% selected this option as among their top three concerns). When asked about the effectiveness of their controls, only 40% rate workforce training and awareness as effective, while nearly 30% consider it their least effective control.
Respondents are also concerned about the security of their electronic medical records/electronic health records as well as personal health record or PHR systems. PHRs can be untethered from the more regulated electronic health record systems and not subject to the same regulatory protection and control.
Despite these concerns, organizations are accepting the risks for the convenience of mobile and cloud technologies in delivering care to patients,
Filkins adds.
Results will be pre-released during the SANS HealthCare Cyber Security Summit, at the Hyatt Fishermans Warf in San Francisco, Oct. 23, 2013.
There will also be a webcast for those not attending the summit on Wednesday, October 30, at 1 PM EDT, where SANS releases the full set of results. Register for the webcast at http://www.sans.org/info/141255
Those who register for the webcast will be given access to an advanced copy of the associated report developed by Barbara Filkins.
The SANS Analyst Program, www.sans.org/reading_room/analysts_program, is part of the SANS Institute.
About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest source for world-class information security training and security certification in the world, offering over 50 training courses each year. GIAC, an affiliate of the SANS Institute, is a certification body featuring over 25 hands-on, technical certifications in information security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internets early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community.
(www.SANS.org)

Last News

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
SANS Announces Results of its Inaugural Health Care Information Security Survey