HIMSS23: Tackling Some of Healthcare's Top Cyber ChallengesThe Annual Health IT Event Will Showcase Security, Privacy
Here's one reason why the healthcare industry seems perpetually at high risk of a data breach incident: Most healthcare organizations allocate 6% or less of their information technology budget for cybersecurity, putting them at a disadvantage in their security defenses and for competitive hiring, according to a recent annual survey by the Healthcare Information Management Systems Society.
As a result of hiring difficulties, informaticists, clinicians and others in the field often bridge the gap between cybersecurity and healthcare, HIMSS found in its 2022 HIMSS Healthcare Cybersecurity Survey, in which 159 healthcare security professionals were questioned last fall.
As a result of hiring difficulties, informaticists, clinicians, and others in the field often bridge the gap between cybersecurity and healthcare.
This falls in line with another study released Friday by Moody's, which determined that healthcare is "cyber poor" and that the sector's vulnerability has been worsened by the COVID-19 pandemic and a combination of IT worker departures and burnout.
Those cybersecurity resource struggles and other related challenges are among the list of topics up for discussion at the HIMSS23 conference taking place in Chicago on April 17-21.
The conference includes a preshow Cybersecurity Forum for healthcare CISOs and other security professionals being held on Monday, along with several other specialty workshops, before the health IT industry event formally kicks off on Tuesday.
Other panel discussions and sessions planned for the conference will dig into hot topics facing healthcare security and privacy leaders, including generative AI, medical device risk management, cybersecurity governance, and the evolving threat landscape.
Featured speakers and panelists at the preconference Healthcare Cybersecurity Forum include government leaders from the Cybersecurity and Infrastructure Security Agency and the Food and Drug Administration and CISOs from some of the nation's top healthcare organizations - including Intermountain Health, Kaiser Permanente and the Cleveland Clinic.
Besides the preshow Cybersecurity Forum, HIMSS23 will also showcase about 50 security product and services providers in a specialty pavilion on the exhibition floor. Besides those vendor booths, the Cybersecurity Command Center will also feature two theaters offering dozens of educational sessions.
Regulators will also be making appearances throughout the week to discuss some of their top priorities. They include officials from various Department of Health and Human Services agencies, such as the Office for Civil Rights and the Office of the National Coordinator for Health IT, which are involved in healthcare security and privacy enforcement and related programs.
ONC officials are slated to discuss topics involving secure interoperable health information exchange and related issues. Leaders from HHS OCR are expected to address regulatory issues that the HIPAA enforcement agency is working on.
Just this week, both ONC and OCR issued new proposed rule-making, including proposals from ONC concerning new health IT certification requirement, and a proposed rule from OCR for HIPAA changes aimed at enhancing privacy protection around reproductive health data.