By Nam Nguyen, Vice Chair
EHRA Privacy & Security Workgroup

October is Cybersecurity Awareness Month, and the Electronic Health Record Association (EHRA) will use this opportunity to share helpful reminders of cybersecurity fundamentals throughout the month. 

The 2020 HIMSS Cybersecurity Survey provides a look into cybersecurity issues facing US healthcare organizations. Based upon the feedback from 168 US-based healthcare cybersecurity professionals, “Cybersecurity budgets are still lacking with typically 6% or less of the information technology budget allocated for this purpose. A large attack surface exists within many healthcare organizations due to the profound lack of resources.”

Even as cyberattacks are increasing exponentially, businesses including healthcare organizations are facing another significant risk –  a shortage of available, qualified cybersecurity professionals. 

According to the fifth annual global study of cybersecurity professionals by the Information Systems Security Association (ISSA), more than 57% of organizations have been negatively impacted by the “cybersecurity skills crisis.” Of the professionals surveyed by ISSA, 95% indicated the skills shortage has not improved in recent years and 44% say it has worsened.