A national survey reveals 83% of 1,300 physician practices surveyed already have experienced a cyberattack—increasing the need to better support medical practices.

According to the survey, conducted by the AMA and Accenture, the theft of private patient information and loss of access to critical medication lists, diagnoses and lab results are of great concern for physicians. Most physicians experience significant downtime before being able to resume operations. Phishing and computer viruses are the most common types of cyberattacks on physician practices.

The AMA and Accenture collaborated on the first-of-its-kind, 3-part cybersecurity analysis—designed and conducted from January to October 2017—which included a quantitative survey, a literature search and qualitative interviews.

The research showed the physician’s perspective missing from many major cybersecurity efforts and the AMA aimed—along with Accenture—to better include the physician’s voice in cybersecurity efforts going forward.

The main findings identified 3 key themes:

1. Cybersecurity is a patient safety issue.

Cybersecurity must not be viewed only as a technical issue. Stakeholders from health IT, health systems and the federal government have to come together to protect patients’ health information.

2. Physician practices rely on health IT vendors for network and system security.

Most practices do not have internal security support and must sort through a lot of information to find trusted vendors. The AMA wants to ensure physicians understand good cyber hygiene and is partnering with organizations like HITRUST to offer workshops and resources on good cyber hygiene to assist small and mid-sized practices. 

3. HIPAA compliance is not enough to protect patient records.

Of the physicians surveyed, 85% believe it is crucial to share electronic data outside of their health system for quality care but want to do it safely. They need ways to provide secure electronic protected health information.

As awareness of the critical issues increases, the AMA will elevate the physician’s needs in Washington and continue to develop resources that help physicians create a culture of good cyber hygiene while reducing unnecessary administrative burden.

Download the complete research findings

Downloads

PDF 1: Medical Cybersecurity Findings

PDF 2: Medical Cybersecurity Infographic

Cybersecurity Awareness Checklist and Resources

Related Links

LINK 1: Start with a simple audit.

LINK 2: Review a computer safety checklist.

LINK 3: Review an IT systems safety checklist.

A national survey reveals 83% of 1,300 physician practices surveyed already have experienced a cyberattack—increasing the need to better support medical practices.

According to the survey, conducted by the AMA and Accenture, the theft of private patient information and loss of access to critical medication lists, diagnoses and lab results are of great concern for physicians. Most physicians experience significant downtime before being able to resume operations. Phishing and computer viruses are the most common types of cyberattacks on physician practices.

The AMA and Accenture collaborated on the first-of-its-kind, 3-part cybersecurity analysis—designed and conducted from January to October 2017—which included a quantitative survey, a literature search and qualitative interviews.

The research showed the physician’s perspective missing from many major cybersecurity efforts and the AMA aimed—along with Accenture—to better include the physician’s voice in cybersecurity efforts going forward.

The main findings identified 3 key themes:

1. Cybersecurity is a patient safety issue.

Cybersecurity must not be viewed only as a technical issue. Stakeholders from health IT, health systems and the federal government have to come together to protect patients’ health information.

2. Physician practices rely on health IT vendors for network and system security.

Most practices do not have internal security support and must sort through a lot of information to find trusted vendors. The AMA wants to ensure physicians understand good cyber hygiene and is partnering with organizations like HITRUST to offer workshops and resources on good cyber hygiene to assist small and mid-sized practices. 

3. HIPAA compliance is not enough to protect patient records.

Of the physicians surveyed, 85% believe it is crucial to share electronic data outside of their health system for quality care but want to do it safely. They need ways to provide secure electronic protected health information.

As awareness of the critical issues increases, the AMA will elevate the physician’s needs in Washington and continue to develop resources that help physicians create a culture of good cyber hygiene while reducing unnecessary administrative burden.

Download the complete research findings

Downloads

PDF 1: Medical Cybersecurity Findings

PDF 2: Medical Cybersecurity Infographic

Cybersecurity Awareness Checklist and Resources

Related Links

LINK 1: Start with a simple audit.

LINK 2: Review a computer safety checklist.

LINK 3: Review an IT systems safety checklist.

Why Join the AMA?

An AMA membership means you’ve got access to world-class clinical research, education and insights. Access peer-reviewed medical research findings and editorial opinions from JAMA®, the Journal of the American Medical Association, JAMA Network Open™ and the 11 specialty journals, with CME at no cost.

Join Now