Survey Reveals Shortfalls in Healthcare Security and Compliance Policy and Major Mobile Vulnerabilities

DataMotion, an email encryption and health information service provider (HISP), offers the results of its third annual survey on corporate email and file transfer habits, revealing significant security risks. While companies in all industries increasingly have put security and compliance policies in place – nearly 90 percent of all respondents affirming that in 2014 (compared to 81 percent in 2013) – the growth is largely from healthcare entities.

More than 97 percent from the industry report their organizations as having policies in place, compared to 90.4 percent in 2013. However, challenges remain for healthcare when it comes to implementing these, ranging from low employee comprehension to policy violations. Additionally, a lack of encryption, risks in mobile device usage and low awareness of Direct Secure Messaging (Direct) pose serious issues for the highly regulated industry.

DataMotion polled more than 780 IT and business decision-makers across the U.S. and Canada. In particular, the survey focused on individuals who routinely work with sensitive data and compliance regulations in a variety of industries including healthcare, financial services, education and government.

More than 300 respondents were from healthcare. Key insights/comparisons on the industry include:

Healthcare Security and Compliance Policy: Gains Undermined by Implementation Failure

Lack of Email Encryption, Mobile Dangers and the Direct Problem

Business Associates and the Long Tail of HIPAA/HITECH

“Though the survey shows year-over-year growth in the number of companies putting security and compliance measures in place, the widespread security risks occurring are of great concern,” said Bob Janacek, chief technology officer at DataMotion. “Particularly at a time when organizations have experienced serious data breaches, it’s essential for companies to have strong policies and ensure employees fully understand and follow these. While healthcare has made gains in policy development, it’s all for naught if implementation fails, especially in such a highly regulated industry.”

“These measures should be across the board, as the data shows a gaping hole in security when it comes to mobile devices – with many companies permitting their use but not taking into account their lack of email encryption capabilities,” added Janacek. “Hopefully, this data will provide organizations with a better understanding of what steps need to be taken to ensure security and compliance.”

To view the healthcare survey report, click here or visit:

For survey results across all industries, click here or visit:

Write a Comment

Your email address will not be published. Required fields are marked *