80 Percent of Large Health Care Organizations Have Been Hacked

Cyber-attacks have compromised 4 out of 5 large providers and payers over the past two years, according to a survey conducted by Forbes Insights and published by KPMG, a multi-practice consulting firm that offers cyber security services.

All survey participants were large hospitals, health systems, and insurers with at least $500 million annual revenue. All were places with CIOs, CTOs, CCOs and CSOs minding the store.

Huge challenge: The "heterogeneous nature of networked systems and applications" in health care. In this environment, you have things like respirator pumps on the same network as registration systems that can browse the Internet. Survey participants listed external attackers (65%), sharing data with third parties (48%), employee breaches and theft (35%), wireless computing (35%), and inadequate firewalls (27%) as their "greatest vulnerabilities in data security."

Tracking of cyber-attack threats was poor among the health care organizations surveyed. Only 53% of providers and 66% of payers described their organization as "ready to defend against a cyber-attack." Only 35% of respondents said they had adequate resources for "managing vendor security risks."

This article originally appeared in HIT Help Section of Eye Care Leaders