Surveys conducted at this year's Health Information Management and Systems Society conference indicate respondents are increasingly concerned about security and compliance issues now that the government is stepping up enforcement of the Health Insurance Portability and Accountability Act (HIPAA).
Sixty-four percent of conference attendees said user access control and compliance issues top their lists, and a great majority of survey respondents (75 percent) admitted concern about facing a HIPAA audit. Sixty percent said the thought of such an audit drives their security and compliance efforts.
However, limited budgets create a crisis of priority as HIMSS attendees are pushed to deploy e-health record systems, according to The Tech Herald, which quotes Courion chief marketing officer Todd Chambers as follows:
The HIMSS research supports an interesting dichotomy we're seeing in the healthcare market today. With CIOs taking on increasing responsibility for risk management issues along with operations, security is being looked at more strategically by hospitals. But with limited budgets, it's a challenge to prioritize. With more hospitals relying on remote and non-employee workforces, combined with the use of mobile and virtualization technology, the IT environment is increasingly difficult to secure, and without the enforcement of proper policies and checks and balances, audits will become increasingly difficult to pass.
The kicker -- even though conference attendees gave HIPAA compliance a lot of lip service and C-level executives are taking more of a hands-on approach to risk management, survey results also indicated that security and compliance don't really become top priority until the organization experiences a data breach.