#United States #Cybersecurity #Plano #HIMSS #FinThrive

FinThrive and HIMSS Survey Findings on Cybersecurity Funding for Smaller Hospitals

In a revealing survey conducted by FinThrive, Inc., a prominent healthcare revenue management software-as-a-service (SaaS) provider, alongside the Healthcare Information and Management Systems Society (HIMSS), the stark reality of cybersecurity funding for smaller hospitals has come to light. As the healthcare industry grapples with an alarming increase in cyber-attacks – projected to hit almost 700 incidents in 2025, translating to nearly two assaults per day – the survey aims to glean insights into hospitals' strategies for bolstering cybersecurity and the significant barriers they encounter.

A Growing Threat Landscape

According to the Office of Civil Rights (OCR), the anticipated rise in healthcare-related cyberattacks marks a staggering 10-fold increase from the years 2016-2022, alongside a 150% surge from the previous year alone. Against this tumultuous backdrop, healthcare organizations must act swiftly and resolutely to protect sensitive patient data and maintain operational integrity.

The survey, which involved input from 50 senior leaders in IT and finance across U.S. healthcare facilities, emphasized several key actions that organizations are currently deploying to counteract these cyber threats. Notably, these strategies include:

1. Conducting Internal Risk Assessments: Establishing a thorough understanding of vulnerabilities is vital for preemptive action against potential breaches.
2. Enhancing Collaboration and Scrutiny of Third-Party Vendors: As many healthcare organizations rely on external vendors for services, assessing their security practices is increasingly critical.
3. Implementing Automated Incident Response Plans: These plans often incorporate standby contingencies for claims management and eligibility processes.

A compelling statistic from the survey highlights that 88% of respondents actively test their backup systems to reevaluate their readiness for system downtimes resulting from cyber incidents.

Disparities in Cybersecurity Investment

The investigation also unveiled a troubling trend: a noticeable disparity in the allocation of resources toward cybersecurity between larger multi-facility healthcare systems and smaller hospitals. Smaller providers frequently confront substantial hurdles, with 67% citing budget limitations as a significant challenge compared to only 24% of larger entities.

FinThrive's President and CEO, Hemant Goel, poignantly remarked, "The size of a hospital should never dictate its ability to protect its facility, community, and patients in this fast-paced and ever-changing cybersecurity environment." This sentiment underscores the pressing need for tailored strategies that consider the limited financial resources of smaller institutions.

The Complexity of Revenue Protection

Amidst these cybersecurity concerns, healthcare providers must also contend with the complexities of revenue protection. Ensuring robust claims and collections processes stands as a primary focus area, particularly as market pressures intensify profit margins and cash flow stability. The survey's findings reveal that safeguarding revenue from cyber threats is now a strategy imperative for many healthcare entities, reflecting a growing acknowledgment of the potential financial repercussions of cyber incidents.

Heightened Scrutiny of Vendor Relationships

As the pursuit of cyber resilience continues, healthcare providers are re-evaluating their partner relationships. The responsibility of risk management is no longer solely internal; rather, it is shared with software vendors and other partners, necessitating increased vigilance and scrutiny. Establishing partnerships with trustworthy external entities, particularly those prioritizing cybersecurity, can alleviate some of the burdens on internal teams.

Conclusion: A Call to Action

With the healthcare industry in a race against time to bolster defenses against mounting cyber threats, the findings from this survey serve as a clarion call for all healthcare organizations, especially smaller hospitals. Concrete steps toward investing in cybersecurity measures must be prioritized to protect sensitive data, maintain patient trust, and ensure operational viability. The survey's insights provide a roadmap for establishing more effective cybersecurity protocols that consider financial constraints while addressing the evolving nature of threats.

For additional insights and strategies on enhancing cybersecurity within healthcare, tune in to the podcast featuring FinThrive's Chief Information Security Officer, Greg Surla, in collaboration with HIMSS. Through strategic innovation and a proactive mindset, healthcare organizations can advance their efforts toward safeguarding not only their revenue cycles but also the well-being of the communities they serve.