New Survey Explores Healthcare Cybersecurity Attitudes

Healthcare cybersecurity attitudes are changing. Not as fast as the threat landscape is, but most healthcare professionals now appreciate the risks, understand the current threat level and also how difficult it is to keep data 100% secure.

Physicians and health IT professionals often don’t see eye to eye. IT staff must ensure data is secured and networks are protected, whereas physicians are in the business of treating patients. Often treatment and data security are at odds with each other.

However, a new healthcare cyber security report from the MedData Group suggests that while there are still considerable differences in healthcare cybersecurity attitudes between physicians and health IT professionals, the two groups are starting to see eye to eye on cybersecurity issues facing the industry.

Healthcare Cybersecurity Attitudes Explored by MedData

The report was compiled from the data collected by MedData in a survey of 272 U.S healthcare professionals in which attitudes on healthcare cybersecurity were probed. Current cybersecurity trends were assessed, and the common cybersecurity issues suffered by healthcare providers have been highlighted.

Health IT professionals were satisfied with the cybersecurity defenses they had put in place to safeguard PHI, networks and EHRs on the whole, but physicians did not share their confidence. 21% of physicians said their cybersecurity defenses were below average. Only 8% of health IT professionals shared that point of view.

46% of health IT professionals believed their systems offered above average or excellent protection, although only 38% of physicians said their defenses were adequate.

Opinions on cybersecurity differed between the two groups when it came to risk assessment. Health IT professionals believed the main risks of a data breach were email and internal messaging systems. This view was shared by hospital administrators, but not physicians, who thought EHRs posed the most risk. 51% of physicians rated EHRs highly risky. Mobile communication devices came a close second, with 46% of physicians believing the devices carried a particularly high risk of a causing security breach.

Main Threats to Healthcare Cybersecurity

Both groups agreed that the main threats to healthcare cybersecurity were malicious outsiders (68%) – hackers and data thieves – and malware (65%). 40% of respondents said application system and network failures were major risks.

The driving factor behind improvements to cybersecurity is believed to be the need to comply with state and federal regulations and avoid the fines that come from non-compliance. Both groups rated this as the main driver. The threat from evolving malware and the need for a fast data breach response were also factors highlighted as having a major impact on the speed at which new cybersecurity protections are put in place.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of