Learning Center Home > HIPAA > HIPAA Firewall Trends

HIPAA Firewall Trends

HIPAA

2020 HIPAA Firewall Trends

2020 HIPAA Firewall Trends

How Is Healthcare Doing With Firewalls?

Over the past three years, we interviewed over 150 healthcare professionals responsible for HIPAA compliance (i.e., 61 professionals in 2019, 40 in 2018, and 51 in 2017) about their firewall practices, policies, and procedures. This infographic is an analysis of their collected responses.

2019 SUMMARY

  • 25% don’t know what firewall(s) their organization uses.

  • 59% review their firewall rules at least annually.

  • 56% use a third party to manage their network’s firewall(s).

  • 27% segment their network (through firewall segmentation, VLANs, SDN).


Types of Firewalls Organizations Use

All networks (whether small or large) need both a hardware and software firewall, as well as a web-application firewall for all public-facing web applications.

2019 Data

·      Hardware firewall: 41%

·      Software firewall: 31%

·      Web application firewalls: 15%

·      Don't know: 25%

·      We don't use firewalls: 5%

 

2018 Data

·      Hardware firewall: 78%

·      Software firewall: 35%

·      Web application firewalls: 13%

 

2017 Data

·      Hardware firewall: 20%

·      Software firewall: 18%

·      Both: 31%

·      Don't know: 31%

 

2016 Data

·      Hardware firewall: 31%

·      Software firewall: 24%

·      Both: 18%

·      Don't know: 27%


How often firewall rules are reviewed

A security professional should regularly review your firewall rules (e.g., at least quarterly).

2019 Data

·      Never: 10%

·      Don’t know: 31%

·      Annually: 22%

·      Semiannually: 12%

·      Quarterly: 7%

·      Monthly: 15%

·      Weekly: 3%

 

2018 Data

·      Never: 10%

·      Don’t know: 50%

·      Annually: 18%

·      Semiannually: 7%

·      Quarterly: 8%

·      Monthly: 5%

·      Weekly: 2%

 

2017 Data

·      Never: 0%

·      Don’t know: 45%

·      Annually: 10%

·      Semiannually: 0%

·      Quarterly: 16%

·      Monthly: 16%

·      Weekly: 13%

 

2016 Data

·      Never: 7%

·      Don’t know: 41%

·      Annually: 13%

·      Semiannually:

·      Quarterly: 17%

·      Monthly: 13%

·      Weekly: 9%


Network firewalls managed by a security professional or third party 

Though not required, managed firewalls can help organizations with complex firewall rules and firewall management.

2019 Data

·      Don’t use firewalls: 5%

·      Don’t know: 18%

·      In-house security professional: 21%

·      Third-party vendor: 44%

·      Both: 12%

 

2018 Data

·      Don’t use firewalls: 2%

·      Don’t know: 7%

·      In-house security professional: 18%

·      Third-party vendor: 60%

·      Both: 13%

 

2017 Data

·      Don’t use firewalls: 0%

·      Don’t know: 16%

·      In-house security professional: 10%

·      Third-party vendor: 74%

·      Both: 0%


Organizations segment their network

Though not required, firewalls can be used to implement network segmentation within an organization’s network.

2019 Data

  • 27% Yes

  • 42% No

  • 31% Don’t know

HIPAA TAKEAWAYS SINCE 2018

  • 47% decrease in organizations that use hardware firewalls.

  • 11% decrease in organizations that use software firewalls.

  • 48% increase in organizations that review firewall rules at least annually.

  • 8% decrease in organizations that use both a third party and an in-house professional to manage their firewall(s). 


Click Here to Download: 2020 Guide to HIPAA Compliance


Have a HIPAA Deadline?

Request a Quote

2017 HIPAA Firewall Trends

http://info.securitymetrics.com/how-is-healthcare-doing-with-firewalls


Have a HIPAA Deadline?

Request a Quote