AMA and Accenture Study Reveals Physicians’ Major Concern on Cyberattacks

The American Medical Association (AMA) and Accenture surveyed 1,300 physicians in the United States to know what physicians think about cybersecurity. Based on the responses, it seems sure that cyberattacks will happen. What’s uncertain is when it will happen and how often.  About 83% of the surveyed physicians had already experienced a cyberattack.

The most common type of cyberattack was phishing , according to 55% of the physicians. About 48%  experienced cyberattacks involving computer viruses, malware and ransomware. Physicians who are associated with medium to large practices were more likely to get cyberattacks than those with small practices. Cyberattacks usually cause a downtime of 4 hours at large-sized practices and a downtime of one day at medium-sized practices.

Cyberattacks are really a major cause of concern among physicians. 74% of the physicians are worried that an attack could disrupt clinical practices and cause patients’ PHI breaches. Healthcare organizations may do what’s required to comply with HIPAA but it’s not enough to prevent cyberattacks and resulting breaches.

The head of Accenture’s global practice, Kaveh Safavi, stated that ensuring HIPAA compliance is not enough. Steps must be implemented to enhance the provider’s security profile. It may be necessary to invest in new technologies to build resilience and keep up with the sophistication of cyberattacks. Keeping the patients’ PHI safe will establish a foundation of trust.

It is interesting to know that 87% of the surveyed physicians believed that they were HIPAA compliant. two thirds still have some questions about HIPAA, which indicates a less comprehensive program set up for HIPAA compliance.

Regarding ePHI sharing, 85% of the physicians believed that it is important and 66% could see that more access to patient data can help improve the provided patient care. If the government can support the medical sectors with the needed technology for securely exchanging electronic data, ePHI will be available without posing risks to the patients’ health care data.