The Health Information Trust Alliance offers a framework standard for the healthcare industry to secure healthcare data and manage compliance, but a recent poll conducted by KPMG shows half of organizations are not prepared to implement the standard.
KPMG polled more than 600 accounting professionals during a webinar in August asking about their preparedness to implement HITRUST standards. HITRUST standards are not mandatory, but it seeks to combine existing standards requirements and regulations into one information security framework.
In addition to the 50 percent of organizations that said they are not prepared to implement HITRUST standards, 17 percent said they have an implementation plan but have not yet started it, 17 percent said they are in the early stages of implementing the plan, 8 percent said they are "well along" in the implementation and 7 percent said they are completely ready.
Key barriers to preparing for HITRUST include staffing, technological issues, financial concerns, cultural concerns and reconciling past regulations with HITRUST. What's more, respondents were generally split down the middle when asked if they believe they have the right staff with the right skill level to execute HITRUST: 53 percent said yes while 47 percent said no.
Despite the lukewarm preparedness, respondents did say they see benefits to HITRUST standards, the most common one being assurances about overall security, with 26 percent of respondents indicating so. Other benefits include standardized reporting (24 percent), progress toward HIPAA compliance (14 percent), a blueprint for assessing cybersecurity risks (12 percent) and meeting contractual requirements (9 percent).
More articles on cybersecurity:
J&J warns of cybersecurity vulnerabilities in insulin pump
This cybersecurity expert was shut down by hackers
Calculating the true cost of a healthcare data breach