TEST to main content First level navigation Menu
cyber security

Healthcare cybersecurity facts from HIMSS that might surprise you

by Michael Campana
You may think you’ve heard it all when it comes to talking about privacy and security. It is a topic that consumes a lot of healthcare discussions — and for good reason.

But some of the findings from the 2015 HIMSS Cybersecurity Survey1 may just surprise you. Three discoveries in particular were pretty impactful:

It is possible to tackle your security measures with a comprehensive approach that encompasses multiple strategies.

A slow approach to changing security measures

Most hospitals continue to rely heavily on antivirus software, firewalls and data encryption to secure their healthcare organization. Fewer organizations use multi-factor digital identity (where digital identity is used for authentication), dynamic biometric technologies and dark web research — that is, researching a collection of websites that are publicly visible, but hide the IP addresses of the servers that run them. The dark web presents many dangers because it can be visited by any user while making it very difficult to work out who is behind the sites.

Word of mouth keeping organizations safe

Nearly 60% of respondents said they hear about cyber threat intelligence via word of mouth from their peers. With all of the resources available to detect data security threats, you would expect that more healthcare systems are receiving news about information security problems from trusted sources and modern IT security technology.

Risk and concern driving motivation

Motivation for improving IT security within healthcare organizations stems primarily from the results of risk assessments and concerns over phishing attacks and viruses/malware. Over the past year, there have been numerous high profile healthcare breaches, and this survey confirms that the industry is becoming more proactive versus reactive in its approach to healthcare cybersecurity.

What you can do

Highly concerning results like these may make you want to take a second look at the privacy and security measures you’re taking within your hospital or healthcare system. It is possible to tackle your security measures with a comprehensive approach that encompasses multiple strategies.

Here are some ways you can get a jump start:


  • Secure all workstations, printers and multi-function devices
  • Update encryption and decryption capabilities for transmission and storage of patient health information
  • Conduct thorough and comprehensive annual risk assessments that simulate real-life threats by including actual hacking attempts on your data management systems and processes
  • Educate and periodically update all staff on HIPAA requirements
  • Double protect yourself by working with vendors whose own patient data management processes meet HIPAA standards and guidelines, so you can avoid becoming a statistic.

Taking the time to address these steps in advance can be well worth the effort by keeping your patients, staff and hospital out of harm’s way. While these facts may have come as a surprise — a cyber attack is one thing you don’t want to catch you off guard.

Safeguard your organization: hear from our experts

What steps are you taking to avoid a data breach? Check out our complimentary white paper to learn more about information security.
Michael Campana
Michael Campana joined Ricoh in 2012 as Senior Manager of Healthcare Marketing. He brings 27 years of experience to the role to lead the market positioning and strategy for Ricoh’s healthcare industry vertical in the Americas. Campana began his career in the healthcare industry upon graduating from the University of South Florida. He has worked for a number of healthcare organizations, including most recently Siemens Medical Solutions Health Services.
1 Source: "2015 HIMSS Cybersecurity Survey." HIMSS.org. Jun 30, 2015. http://www.himss.org/2015-cybersecurity-survey