Survey: IT Leaders Concerned About Inappropriate Data Access | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Survey: IT Leaders Concerned About Inappropriate Data Access

February 21, 2014
by Gabriel Perna
| Reprints

The results of the 2013 HIMSS Security Survey reveals that breaches of protected health data (PHI) remain a concern by U.S. hospitals and physician practices, specifically the practice of inappropriate data access.

The survey of 283 information technology (IT) and security professionals employed by provider organizations revealed that there is increased use of several technologies related to employee access to patient data, including user access control and audit logs of each access to patient health records. Ninety-three percent of organizations indicate their organization is collecting and analyzing data from audit logs and 67 percent are using at least two mechanisms, such as user-based and role-based controls, for controlling access to data.

“Healthcare organizations are increasingly deploying technologies to increase data security, but continued analysis is crucial in ensuring the proactive prevention of data breaches within hospitals and physician practices. Without these anticipatory measures, security of patient data will remain a core challenge within our nation’s healthcare organizations,” Lisa A. Gallagher, vice president of technology solutions at HIMSS said in a statement.

Other findings from the survey reveal 49 percent of healthcare organizations are still spending 3 percent or less of their overall IT budget on security initiatives that will secure patient data. More than half have increased their security budgets in the past year, the data also revealed.

There are areas where healthcare providers are doing well. Ninety-two percent of organizations conduct a formal risk analysis, 54 percent of organizations report having a tested data breach response plan, and 63 percent of these organizations test their plan annually.

Another recent report, from Redspin, Inc., a Carpinteria, Calif.-based provider of IT security assessments, revealed that in 2013 breaches of PHI were up 138 percent from 2012.

Read the source article at

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



MGMA: Physician Compensation Data Illustrates Nationwide PCP Shortage

Primary care physicians’ compensation rose by more than 10 percent over the past five years, representing an increase which is nearly double that of specialty physicians’ compensation over the same period, according to the Medical Group Management Association (MGMA).

Circulation, Buoy Health Collaborate on Integrated Platform for Patient Transportation

Boston-based startup Circulation Health, a ride-ordering exchange that coordinates medical transportation logistics using Lyft and other transportation partners, is partnering with Buoy Health, also based in Boston, to integrate their platforms to provide patients with an end-to-end healthcare experience.

HITRUST Provides NIST Cybersecurity Framework Certification

The Health Information Trust Alliance (HITRUST), security and privacy standards development and accreditation organization, announced this week a certification program for the National Institute of Standards and Technology's (NIST) Cybersecurity Framework (Framework).

Report: Interoperability in NHS England Faces Similar Barriers as U.S. Healthcare

Electronic patient record interoperability in NHS England is benefiting patient care, but interoperability efforts are facing barriers, including limited data sharing and cumbersome processes falling outside of the clinician workflow, according to a KLAS Research report.

Geisinger National Precision Health Hires Illumina Exec to Lead Business Development

Integrated health system Geisinger has hired a high-profile genetic counselor to head up business development for Geisinger National Precision Health, which was created to extend the Geisinger model on the national scene.

$30M VC Fund Launched to Spur Innovation in Cardiovascular Care

The American Heart Association, together with Philips and UPMC, has announced the launch of Cardeation Capital, a $30 million collaborative venture capital fund designed to spur healthcare innovation in heart disease and stroke care.