Less than half of health facilities achieved national security last year

• According to an annual report from technology company CynergisTek, only 44% of medical professionals met national safety standards in 2019. This is a slight decrease from 45% in 2017 and 47% in 2018.

• In a review of customer history, CynergisTek found a reduction of four of the five functions reported in the National Institute of Standards and Technology for Enterprises to Protect Against Cyber Attacks: Identification, Protection, Response, and Restoration. The final major project, the recognition, has been underway for three years.

• CynergisTek says computer security is more important than ever as telemedicine and remote operation have become the norm. “It is clear that thanks to COVID-19, the type of delivery and support for IT services are changing dramatically,” the report said.

The COVID-19 pandemic has forced providers and patients to quickly move care to virtual environments this year. Vendors only had a few weeks to convert online visits and adopt the technology needed to do so, although they helped ease the CMS restrictions temporarily.

However, the report shows that healthcare institutions’ compliance with cyber security standards was already in decline before the public health crisis.

The authors report: “If you do not improve computer security, you are failing to address the risks.” “

Among the health organization customers surveyed by CynergisTek, assisted residential centers had the highest NIST compliance at 96%, although it found that they generally have no highly automated systems, often no EMRs, and only a minimum of “base systems”. “.

Insurers and responsible health organizations had the highest compliance rate, followed by business partners, hospitals, and health systems. The medical groups had the lowest adherence at 20%.

In terms of hospital type, academic medical centers had the highest compliance rate, followed by critical access hospitals, healthcare systems, and acute hospitals.

Surprisingly, critical access hospitals, which tend to be underfunded and understaffed, have improved their compliance significantly over the years from 18% in 2017 to 47% in 2019.

In the future, according to CynergisTek, remote working and telemedicine are expected to persist, requiring additional technologies and a greater focus on existing technologies. According to the report, organizations may need to invest in more endpoint security tools such as B. in multi-factor authentication, in virtual private networks, in the management of identity access, and the prevention of data loss.

And while COVID-19 has dwarfed interoperability, information blocking, and privacy laws, “this is happening and it won’t be as simple as it looks,” the report said.

Poor cyber security can lead to breaches that compromise patient personal health information and federal penalties for providers.

In the first half of 2019, breaches of health data had already doubled compared to the previous year, according to a report by the IT security company Protenus from 2019.

In a recent report by cyber security rating firm Security Scorecard and dark web research firm DarkOwl, security warnings among telemedicine providers rose 30% versus pre-pandemic during COVID-19.