83% of Physicians Have Experienced a Cyber Attack, Survey Finds
Eighty-three percent of physicians in a recent survey said that they have experienced some sort of cyber attack, such as phishing and viruses, while 55 percent of respondents said they are “very worried” about future cyber attacks on their organizations.
This latest research on healthcare cybersecurity, from Accenture and the American Medical Association (AMA), surveyed 1,300 physicians across the U.S. this summer regarding their experiences and attitudes toward cybersecurity. The findings suggest “a strong need for improved cybersecurity education for physicians,” according to the researchers.
The research noted that cyber attacks can often lead to service interruptions, system downtime, increased operational expenses and patient safety risks. To this point, 74 percent of respondents cited interruption to their clinical practice as a primary concern. And, 29 percent of physicians who work in mid-sized practices said it takes up to a full day to recover from an attack. Fifty-three percent said they’re concerned about patient safety as a result of future cybersecurity incidents.
What’s more, most physicians think that exchanging electronic protected health information (PHI) is important. Indeed, 85 percent believe in the importance of sharing ePHI, and about one-third said they exchange ePHI externally based on vendor trust. However, about two-thirds of respondents said that more access to patient data would improve care.
As far as after a cyber attack occurs, 56 percent of physicians surveyed said they alert their health IT vendor. Nearly half of respondents (49 percent) have in-house security official, though three times as many large- and medium-size practices have one compared to smaller practices. And, 87 percent said they believe that their practice is HIPAA-compliant, though two-thirds of physicians still have basic questions about HIPAA.
The survey also revealed that physicians are concerned about the impact that adopting new technologies such as telemedicine and patient-generated health data could have on security.