ATLANTA, July 11, 2019 /PRNewswire/
-- LexisNexis® Risk Solutions announced the
results of the online survey conducted in collaboration with
Information Security Media Group (ISMG) to investigate the
cybersecurity trends in healthcare. The survey included responses
from more than 100 participants from healthcare organizations
(HCOs), including hospitals, physician group practices and payers
in spring 2019.
"The State of Patient Identity Management" report highlights
HCOs' cybersecurity strategies, current best practices in patient
identity management and investment plans for improvement. Moreover,
the analysis of results demonstrates that HCOs have high levels of
confidence in their cybersecurity preparedness despite most
surveyed organizations using only basic user authentication methods
in the face of an increasing number of patient identity theft and
fraud instances in the marketplace. Specifically, the survey
results showed:
- 58% believe that the cybersecurity of their patient portal is
above average or superior when compared to other patient
portals
- 93% use username and password as the patient portal
authentication method
- 65% deploy multifactor authentication
-
- 39% use a knowledge-based Q&A for verification
- 38% use email verification
- 13% deploy device identification
- 65% report that their individual state budgets for patient
identity management will not increase in 2019
"There are some surprises in the results, particularly the
higher than expected confidence that organizations have in regards
to the security of their patient portal and telemedicine platforms
given that only 65% deploy multifactor authentication," said
Erin Benson, director, market
planning, Healthcare, LexisNexis Risk Solutions. "Multifactor
authentication is considered a baseline recommendation by key
cybersecurity guidelines. Every access point should have several
layers of defense in case one of them doesn't catch an instance of
fraud. At the same time, the security framework should have
low-friction options up front to maintain ease of access by
legitimate users."
Other industry reports show that healthcare data breaches
increased 5% in 2018, affecting 15 million patient records. This is
three times more than what was reported in 2017. There was also a
record 1 billion bot attacks in the first quarter of 2018, and 44%
of HCOs at large experienced crypto mining.
The top three cybersecurity takeaways of the report are as
follows:
- Traditional authentication methods are insufficient: As
a result of many healthcare data breaches, hackers have access to
legitimate credentials; users are also easily phished. Therefore,
traditional username and password verification are considered an
entry point, not a barrier, and alone cannot be relied upon to
provide a confident level of security.
- Multifactor authentication should be considered a baseline
best practice: HCOs should rely on a variety of controls,
ranging from knowledge-based questions and verified one-time
passwords to device analytics and biometrics to authenticate users
based on the riskiness of the transaction. The more risky the
access request is, the more stringent the authentication technique
should be.
- The balance between optimizing the user experience and
protecting the data must be achieved in an effective cybersecurity
strategy: HCOs need to make it easy for patients and partners
to access records while ensuring adequate data protection. To do
this, an HCO's cybersecurity strategy should layer low to
no-friction identity checks up front, making it easier for the
right users to get through and layer more friction-producing
identity checks on the back end that only users noted as suspicious
would complete.
To access further details about the survey results and full
analysis, download a free report.
About LexisNexis Risk Solutions
LexisNexis Risk Solutions harnesses the power of data and
advanced analytics to provide insights that help businesses and
governmental entities reduce risk and improve decisions to benefit
people around the globe. We provide data and technology solutions
for a wide range of industries including insurance, financial
services, healthcare and government. Headquartered in metro
Atlanta, Georgia, we have offices
throughout the world and are part of RELX (LSE: REL/NYSE: RELX), a
global provider of information and analytics for professional and
business customers across industries. For more information, please
visit www.risk.lexisnexis.com and www.relx.com.
View original content to download
multimedia:http://www.prnewswire.com/news-releases/lexisnexis-risk-solutions-announces-results-of-healthcare-cybersecurity-survey-300883295.html
SOURCE LexisNexis Risk Solutions