55% of Surveyed Healthcare Workers Believe Security Policies Keep Up With New Tech

April 18, 2023 - A survey of more than 400 healthcare workers revealed perceived gaps in healthcare security programs, Salesforce discovered. As new technologies such as generative AI gain popularity, security experts must meet the daunting challenge of keeping up with the security risks that come along with these new tools.

Nearly a quarter of Salesforce survey respondents reported thinking that generative AI programs such as ChatGPT or DALL-E are safe to use at work. What’s more, 15 percent of respondents reported already having experimented with these tools.

Despite growing enthusiasm for these tools, just 55 percent of respondents reported feeling that their organization’s security policies were keeping up with new tools and technologies.

“As more patient data is stored and transmitted digitally, cybersecurity risks will continue to evolve. And they become more complex as new technologies like generative AI enter the fold,” said Sean Kennedy, VP & GM, Global Health Strategy & Solutions, Salesforce.

“Healthcare workers play a critical part in keeping patient data safe. Organizations can empower their workforce by fostering a strong security-first culture that emphasizes the importance of security at all levels and enables them with secure digital tools.”

It appears that the majority of healthcare workers understand their obligations to protect patient data, with 76 percent of respondents agreeing that keeping data safe is their responsibility.

However, nearly a third of respondents reported not knowing what to do in the event of a breach, pointing to a need for enhanced security training and awareness. More than two-thirds of respondents said that their organization had a “security-first” culture, but just 31 percent said they were familiar with company security processes.

What’s more, only 40 percent of healthcare workers considered their connected devices to be a security risk, and one in three respondents reported re-using passwords for personal and work-related logins.

The importance of a robust security training and awareness program in healthcare cannot be understated, the Salesforce data showed. Without a security-first culture, workers may be prone to clicking on suspicious links or using unsecured devices, jeopardizing patient data in the process.

“Healthcare workers are responsible for patient care, and that includes their data,” the report stated. “While organizations recognize the importance of a security-first culture, the reality on the ground shows that existing trainings and tools could be improved.”

Just 54 percent of respondents said that they found security training to be efficient. Engaging, digestible trainings are crucial to getting key security messaging across and improving an organization’s overall security posture.

Best practices for a successful training and awareness program include gamification, collaboration, and using a variety of mediums to attract various audiences throughout the workforce. With security as a priority across the workforce, healthcare organizations can strengthen their data protection practices and further protect patient safety.