Healthcare IT Addresses Security, But Struggles with Backup Strategies

Doctor showing patient information

According to the Kaseya 2018 State of IT Operations survey report, improving IT security, reducing IT costs and delivering higher service levels are among the top IT priorities for the healthcare industry.

Data security has become critical to the healthcare industry as patient privacy hinges on HIPAA compliance and the secure adoption of electronic health records. This is indicated in the survey, with 78% of the respondents naming HIPAA as the most critical compliance requirement adopted by the industry, and 19% of the respondents seeing cybersecurity and data protection as the top technological challenge in 2019.

However, are the right measures being taken by the industry to secure this data?

Carrying out regular IT audits can help identify security gaps and issues that can be addressed before a breach occurs. In the survey, 84% of respondents regularly engaged in audit processes, with 72% auditing OS information, 62% auditing the installed software, and 55% auditing computing information such as CPU, RAM, and disk.

Confidential patient information is usually stored in emails, files, print servers, document libraries (e.g. SharePoint), and access databases. These are all generally backed up. But while 63% of the respondents mentioned Office 365 as the most used SaaS application, 54% did not protect their SaaS data with any backup and recovery solution.

Backup and data recovery in healthcare is critical for recovering data during cyberattacks or natural disasters. To ensure an organization can quickly come online after a network outage (50% of the respondents stated to have 2-4 outages in the past year which have lasted longer than 5 minutes), a seamless recovery plan compliant with HIPAA is essential.

While 93% of the respondents in the survey back up their servers, and 71% back up their data locally and off-site, only 43% can automatically recover to a separate site.

 Optimizing IT Efficiency

When it comes to optimizing IT efficiency, centralized anti-virus/antimalware scanning, data storage, remote device access/control, server monitoring and network monitoring are the top five approaches.

Cybercriminals recognize hospitals and healthcare as large and potentially vulnerable targets. Ransomware attacks can lock-up patient-electronic medical records, and even backup files.

With ransomware attacks such as WannaCry, which infected more than 230,000 computers across 150 countries and incurred damages in the billions, it is a good thing healthcare companies are so keen on anti-virus and antimalware solutions.

Ransomware also reminds us of the criticality of patch management. Like with most cyberattacks, ransomware can be largely avoided through the proper use of software patches. The good news — 67% of the respondents apply critical OS patches within 30 days of release,

To read the complete 2018 IT Ops Benchmark survey, click here.

Divyarthini is a marketing professional with over 4 years of experience in the IT industry including 3 years of experience in Content Marketing, Social Media Marketing, and Email Marketing.
Happy Holidays From Our Kaseya Family to Yours

Farewell 2020, Hello 2021!

Although 2020 was not the year any of us planned for, it has certainly been unforgettable. From all of usRead More

Doctor typing on keyboard

Is Your Healthcare Organization Prepared for Windows 7 End of Life?

According to a report by Forescout, “About 71 percent of medical devices will be running unsupported Windows operating systems (OS)Read More

Confidential Report Request Form

Why It’s Time for MSPs to Get Hip to HIPAA Compliance

HIPAA has been around since 1996, but most people’s understanding is limited to a vague notion of protecting private informationRead More

Nurse taking blood pressure

Best Practices for Secure Backup and Recovery in Healthcare

Despite great efforts and regulations, the healthcare industry remains the most vulnerable to data breaches, affecting millions of peoples’ privacyRead More

Download the 2022 IT Operations Survey Report - Click Here