SecurityMetrics: HIPAA Report Reveals Healthcare's Shortcomings
A significant security disparity exists between healthcare C-suites and IT departments, as outlined by the SecurityMetrics HIPAA Security Rule Report. A survey of C-level executives, risk officers, and IT managers revealed a 10-20% gap between what executives believe is happening with patient data security in the organization and the reality.
SecurityMetrics' HIPAA report was designed to help compliance, risk, and IT professionals understand the largest security risks in healthcare, and also to provide proof for those looking to increase HIPAA and security budgets in 2016.
A few key findings of the SecurityMetrics HIPAA Security Rule Report include:
- 80% of respondents believe their organization is fully HIPAA compliant, while most surveyed were missing key elements of compliance with the HIPAA Security Rule
- Only 63% of healthcare organizations encrypt PHI on work devices
- Only 76% of risk and compliance officers believe their organization would pass an HHS OCR audit
- A mere 60% of risk and compliance officers say the organization has created a HIPAA Risk Management Plan
The report also gives guidelines to remedy security issues, such as proper encryption, investing in vulnerability scanners, and implementing security policies. The report even outlines a security budget for organizations to use.