More than half of electronic health record vendors — 58 percent — scored in the "D" grade range for security, according to a news release from Corl Technologies, a vendor security risk management solution provider.
Additionally, 8 percent of vendors received an "F" grade, indicating a lack of confidence based on demonstrated weakness in their culture of security. Four percent of vendors received an "A" grade, 16 percent received a "B" grade and 14 percent received a "C" grade.
The report also finds that approximately one-third, 32 percent, of vendors have security certifications such as FedRAMP, HITRUST, ISO 27001 and SSAE-16.
The data are unsettling, especially given the steady rise in major data breaches over the past year.
"The average hospital's data is accessible by hundreds to thousands of vendors with abysmal security practices providing a wide range of services," said Cliff Baker, CEO of Corl Technologies, in the news release. "When healthcare and industry organizations don't hold vendors accountable for minimum levels of security, these vendors establish an unlocked backdoor to sensitive healthcare data."
More Articles on Data Security:
Alabama Department of Public Health Notifying Patients of Potential Data Breach
Providers Using Data Brokers to Identify High-Risk Patients
How Data Leaks Are Compromising Hospitals’ Medical Devices