Each year, Healthcare Informatics ranks the 100 vendors with the highest revenues derived from healthcare IT products and services earned in the U.S. based on revenue information from the previous year. This is what makes up the Healthcare Informatics 100 (THE 100). And for the second straight year, as part of THE 100 questionnaire, vendors were also asked to estimate the percentage of revenue earned in each of their product segments.
Beyond presenting the product segment revenues in each company listing, Healthcare Informatics editors took to further breaking down the top revenue earners in each of our seven segments: Financial Information Systems, Clinical Information Systems, Data Analytics, Data Management, Data Security, Data Exchange, and Consulting Services.
Throughout the next several days, Healthcare Informatics will reveal its top 5 companies by revenue within these seven different categories. Serving as a supplement to the broader Healthcare Informatics 100 list, we hope that this data, along with the content that accompanies it, gives you our readers a greater sense into the latest market trends within each of these respective product categories.
All data has been sent to Healthcare Informatics from the vendors themselves and confirmed by each company.
Top 5 Data Security Vendors by Revenue
Vendor | Product Breakout Revenue | % Of Whole Revenue |
---|---|---|
Dimension Data | $37,350,000 | 15% |
KPMG LLP | $20,740,000 | 17% |
Afga Healthcare | $13,200,000 | 10% |
Vocera Communications, Inc. | $6,380,000 | 5% |
SKYGEN USA, LLC | $5,100,000 | 5% |
As security threats all across healthcare increasingly become more advanced and persistent, organizations are actively looking to security vendors to help prepare, identify, defend, respond, and recover from threats. From a staffing perspective, says Clyde Hewitt, vice president of security strategy at Austin, Tx.-based CynergisTek, many of these same organizations are challenged to recruit the skilled resources that are needed to build a robust security program, monitor systems, and implement the new technologies. “For this reason, healthcare organizations are looking to establish partnerships with reputable security firms to supplement internal resources with specialized security and privacy leadership including virtual CISOs or chief privacy officers, as well as third-party assessors who can provide an unbiased evaluation of the security and compliance posture,” Hewitt says.
On the technology front, Hewitt primarily recommends behavioral analytical tools and advanced malware detection that provide an ability to more quickly identify and respond to attacks. “The use of advanced technology introduces a need for specialized talent to install and configure these new tools. Short to mid-term staffing models using external talent is a cost-effective way to bring the best talent to an organization without having to dedicate a permanent position. It also allows organizations to leverage the cross-organizational experience third party vendors can provide,” he says.
What’s more, Hewitt says that healthcare organizations ought to consider one key differentiator between the security vendors they are selecting from—the depth of domain experience of the consulting staff. Indeed, implementing tools in an acute or ambulatory environment introduces specifically unique challenges such as how to work within the confines of patient safety requirements, he notes. “It also requires additional coordination as the IT departments may also need to work with pharmacy, laboratory, and imaging systems. Other challenges are found in a plethora of biomedical devices that often are not running the latest Windows operating system, he says.
When asked to offer a few predictions for the future as it relates to healthcare cybersecurity—a key question as many experts fear that this area will get worse before it gets better—Hewitt indeed says threats will continue to exploit vulnerabilities on a broader scale. “We can expect to see more WannaCry-like worldwide attacks. These new attacks will be better planned and the outages will be more wide-spread. Executive leadership, including boards, will demand more details on the defensive measures and respond from their security and compliance teams.”