Over Half of Healthcare Workers Aren’t Cybersecurity Trained

Approximately 56% of healthcare employees have not had cybersecurity training arranged by their current employer, even though 76% of healthcare professionals handle confidential data at work.

This data was revealed in a new survey that was commissioned by encrypted cloud service provider NordLocker.

“Since healthcare is among the top five industries most hit by ransomware, the organizations that don’t train their employees how to identify the potential risks and about the right measures to avoid them are on the brink of falling victim to various cybercriminal activities,” says Oliver Noble, a cybersecurity expert at NordLocker.

Additionally, the survey reveals that 17% of employees in the healthcare sector don’t use any cybersecurity tools at work. Among those who do use protection on their digital devices, antivirus is the most popular software (60%) followed by a password manager (57%), a VPN (36%), and a file encryption tool (36%).

“With cyber racketeers going after the overwhelming amount of sensitive patient data healthcare service providers have access to, employers who don’t urge their employees to use the necessary cybersecurity tools, or even worse, don’t provide them, are putting their reputation at stake,” says Noble. “For example, unsecured IoT devices, such as printers, can provide a pathway to a hospital’s computer systems.”

When asked who should be responsible if they accidentally caused a data breach in their workplace, roughly half of healthcare workers answered with “both the employer and the employee.” However, one in five respondents (21%) would solely blame their company if they were involved in a data breach.

“With the human element being one of the weakest links in an organization’s cybersecurity and hackers looking for vulnerabilities to exploit, it’s easy to see why many employees believe their employer should ensure appropriate means to be able to withstand threats,” Noble says.

NordLocker commissioned a survey of 300 employees in the healthcare sector in the US in October 2021 to conduct this study.

Featured image: Approximately 56% of healthcare employees have not had cybersecurity training arranged by their current employer, even though 76% of healthcare professionals handle confidential data at work. Photo: Nordlocker.