logo

30% of Healthcare Organizations Lack Resources for Data Protection in the Cloud

Nearly one-third of healthcare organizations store all of their sensitive data in the cloud, yet 30% lack the budget and resources to secure it effectively. While most plan to adopt measures such as encryption and user activity monitoring, financial constraints remain a barrier. With over half embracing a cloud-first strategy, healthcare providers face growing pressure to strengthen identity-first security and ensure compliance in cloud environments.

Earlier this year, we polled more than 750 organizations to find out what types of data organizations move to the cloud and what actions they take to protect it. The results are presented in our 2019 Cloud Data Security Report. In this article, we narrow down the results to the healthcare industry to understand the current situation and future trends in cloud data security for these organizations.

We found out that 32% of healthcare organizations store 100% of their sensitive data (e.g., healthcare data and the personal data of customers and employees) in the cloud. With so much sensitive data being stored in the cloud, we would expect these organizations to undertake initiatives to improve cloud data security, and, indeed, many of them plan to implement measures like encryption and user activity monitoring to strengthen their security posture.

However, lack of sufficient budget could prevent at least 30% of them from achieving their data security goals. Nevertheless, more than half of healthcare organizations are ready to adopt a cloud-first approach or move their entire infrastructures to the cloud, which makes it even more urgent for them to be able to manage and secure data in the cloud effectively.

2019 Cloud Data Security Report Healthcare

Dirk Schrader is a Resident CISO (EMEA) and VP of Security Research at Netwrix. A 25-year veteran in IT security with certifications as CISSP (ISC²) and CISM (ISACA), he works to advance cyber resilience as a modern approach to tackling cyber threats. Dirk has worked on cybersecurity projects around the globe, starting in technical and support roles at the beginning of his career and then moving into sales, marketing and product management positions at both large multinational corporations and small startups. He has published numerous articles about the need to address change and vulnerability management to achieve cyber resilience.