37% of Healthcare Organizations Do Not Have a Security Incident Response Plan

A survey of IT professionals found that 37% of healthcare organizations lack a security incident response plan, despite HIPAA requirements. The survey revealed that 33% had suffered a data breach in the past three years and 42% had experienced a ransomware attack, often affecting customer data and patient care. Common sources of attack were hacking, malware, and phishing. The survey also found that 74% of organizations spent less than 5 hours on staff IT security training.