Home / News / LexisNexis Announces Results of Cybersecurity Survey; Erin Benson Quoted

LexisNexis Announces Results of Cybersecurity Survey; Erin Benson Quoted

Jeff Brody

LexisNexis Risk Solutions announced the results of its online survey, in collaboration with the Information Security Media Group (ISMG), that investigated the cybersecurity trends in healthcare on Thursday

The results showed that 58 percent of people believe that the cybersecurity of their patient portal is above average compared to others. In addition, 93 percent use their username and password as their patient portal authentication method, and 65 percent report their individual state budgets or patient identity management won’t increase in 2019. 

The survey included responses from more than 100 participants from healthcare organizations (HCOs), including hospitals, physician group practices and payers in early 2019. The top three cybersecurity takeaways of the report are as follows:

  • Traditional authentication methods are insufficient: As a result of many healthcare data breaches, hackers have access to legitimate credentials; users are also easily phished. Therefore, traditional username and password verification are considered an entry point, not a barrier, and alone cannot be relied upon to provide a confident level of security.

  • Multifactor authentication should be considered a baseline best practice: HCOs should rely on a variety of controls, ranging from knowledge-based questions and verified one-time passwords to device analytics and biometrics to authenticate users based on the riskiness of the transaction. The more risky the access request is, the more stringent the authentication technique should be. 

  • The balance between optimizing the user experience and protecting the data must be achieved in an effective cybersecurity strategy: HCOs need to make it easy for patients and partners to access records while ensuring adequate data protection. To do this, an HCO's cybersecurity strategy should layer low to no-friction identity checks up front, making it easier for the right users to get through and layer more friction-producing identity checks on the back end that only users noted as suspicious would complete.

"There are some surprises in the results, particularly the higher than expected confidence that organizations have in regards to the security of their patient portal and telemedicine platforms given that only 65% deploy multifactor authentication," said Erin Benson, director, market planning, Healthcare, LexisNexis Risk Solutions. 

"Multifactor authentication is considered a baseline recommendation by key cybersecurity guidelines. Every access point should have several layers of defense in case one of them doesn't catch an instance of fraud. At the same time, the security framework should have low-friction options up front to maintain ease of access by legitimate users."

About LexisNexis Risk Solutions 

LexisNexis Risk Solutions harnesses the power of data and advanced analytics to provide insights that help businesses and governmental entities reduce risk and improve decisions to benefit people around the globe. We provide data and technology solutions for a wide range of industries including insurance, financial services, healthcare and government.

Check Also

Air Force Revising Medical Treatment Model for Active, Non-Active Duty Airmen

The U.S. Air Force is reforming its health care model to establish separate treatment operations for active and non-active duty servicemen, Federal News Network reported Monday. Lt. Gen. Dorothy Hogg, surgeon general for the Air Force, told the publication that the new model for preventative and personalized health care is aimed at clearly defining responsibilities under the military branch’s missions for medical readiness.