The healthcare industry is a prime target for cybercriminals. Stolen protected health information (PHI) is worth hundreds, even thousands of dollars on the black market. For cybercriminals, the healthcare industry is a golden goose. Time-to-report and time-to-discover periods are often long, giving cybercriminals ample time to collect and sell stolen records online before vulnerabilities are detected and patched.
The healthcare industry’s growing use of connected medical devices, equipment and other iot devices also means there are many new risks and endpoints to manage and secure. In the following pages, we will review critical security concerns facing the industry and healthcare compliance regulations. We will also explain the advantages of workforce security awareness training.
Top security concerns in the healthcare industry Managing budgetary constraints
According to Symantec, the healthcare industry spends considerably less on cybersecurity technology and staff than other regulated industries. For comparison, in 2019, the us federal budget allocated $15 billion for cybersecurity-related activities, an increase of 4.1 percent above the FY 2018. However, healthcare averaged at only 5% of budget spent on security.
A recent survey from the Healthcare Information and Management Systems Society (HIMSS) has, however, found good news in terms of budget for cybersecurity.