HITRUST Analysis Deems Healthcare “Reactive” to Cybersecurity

March 6, 2015
The Health Information Trust Alliance (HITRUST), a Frisco, Texas-based industry group working to establish a common security framework (CSF), analyzed how healthcare organizations tackle data security against cyber threats and risks, and found most were reactionary in their approach.

The Health Information Trust Alliance (HITRUST), a Frisco, Texas-based industry group working to establish a common security framework (CSF), analyzed how healthcare organizations tackle data security against cyber threats and risks, and found most were reactionary in their approach.

HITRUST’s three-month review of cyber risk management strategies for the healthcare industry revealed what many have already come to know: When it comes to data security from hackers, healthcare organizations are ill prepared. This is not exactly a startling finding, with a major hack of health insurer Anthem having just happened one month ago. Another report, from Redspin Inc., a Carpinteria, Calif.-based health IT security consultant, found that more than half of the breaches of protected health information reported to the Department of Health and Human Services (HHS) Office of Civil Rights (OCR) were the result of hacking, including the notable incident at Community Health System that affected 4.5 million patients. 

One element of this lack of preparation is the fact that most organizations aren’t able to understand the effectiveness of deployed information security products, especially in relation to emerging cyber threats. They also acknowledged they had minimal understanding of the impact of emerging cyber threats on their products and applications.

“Although we have made good progress in maturing our cyber risk management approach for industry, with significant improvements in information sharing, the real opportunity is to understand the emerging threats and model them against organization-specific defenses, configurations and applications,” Daniel Nutkis, chief executive officer, HITRUST, said in a statement.

HITRUST is rolling out a new strategy, a situational awareness and threat assessment tool, which will aim to help healthcare organizations increase visibility against emerging threats and how that could affect their current products. The organization partnered with NSS Labs, an Austin, Texas-based security research and advisory company, on the tool.

Sponsored Recommendations

Going Beyond the Smart Room: Empowering Nursing & Clinical Staff with Ambient Technology, Observation, and Documentation

Discover how ambient AI technology is revolutionizing nursing workflows and empowering clinical staff at scale. Learn about how Orlando Health implemented innovative strategies...

Enabling efficiencies in patient care and healthcare operations

Labor shortages. Burnout. Gaps in access to care. The healthcare industry has rising patient, caregiver and stakeholder expectations around customer experiences, increasing the...

Findings on the Healthcare Industry’s Lag to Adopt Technologies to Improve Data Management and Patient Care

Join us for this April 30th webinar to learn about 2024's State of the Market Report: New Challenges in Health Data Management.

Findings on the Healthcare Industry’s Lag to Adopt Technologies to Improve Data Management and Patient Care

2024's State of the Market Report: New Challenges in Health Data Management