2020 HIPAA Testing Trends
http://info.securitymetrics.com/2020-hipaa-testing-trends
Interested in more HIPAA Compliance statistics? Check out our HIPAA Guide.
2020 HIPAA Testing Trends
How Is Healthcare Doing With Testing Their Environments?
Over the past three years, we interviewed over 150 healthcare professionals responsible for HIPAA compliance (i.e., 61 professionals in 2019, 40 in 2018, and 56 in 2017) about how organizations test their environment, through such things as vulnerability scans and penetration tests. This infographic is an analysis of their collected responses.
2019 SUMMARY
53% conduct vulnerability scans.
46% conduct vulnerability scans at least quarterly.
17% perform penetration tests.
10% perform penetration tests at least annually.
Organizations Conduct Vulnerability Scanning
Pro Tip: Organizations should perform vulnerability scans–both internal and external scans–to confirm their network security.
2019 Data
- 53% Yes
- 27% Don't know
- 20% No
2018 Data
- 68% Yes
- 9% Don't know
- 23% No
How Often Organizations Conduct Vulnerability Scans
Pro Tip: Organizations should regularly conduct vulnerability scans (e.g., quarterly).
2019 Data
- Never: 20%
- Don’t know: 26%
- After a major network change: 7%
- Annually: 8%
- Semiannually: 2%
- Quarterly: 39%
- Monthly: 7%
2018 Data
- Never: 22%
- Don’t know: 20%
- After a major network change: 0%
- Annually: 1%
- Semiannually: 1%
- Quarterly: 46%
- Monthly: 10%
Organizations perform penetration tests
Pro Tip: To protect against cyber-attacks, penetration testing is vital to a network’s security.
2019 Data
- Yes: 17%
- Don't know: 43%
- No: 40%
2018 Data
- Yes: 24%
- Don't know: 45%
- No: 31%
2017 Data
- Yes: 26%
- Don't know: 58%
- No: 16%
How often organizations perform penetration tests
Pro Tip: Organizations should regularly perform penetration tests (e.g., annually and after major network changes).
2019 Data
- Never: 44%
- Don’t know: 42%
- Every other year: 2%
- Annually: 8%
- After major network changes: 2%
- Annually and after major network changes: 2%
2018 Data
- Never: 38%
- Don’t know: 53%
- Every other year: 2%
- Annually: 5%
- After major network changes: 0%
- Annually and after major network changes: 2%
2017 Data
- Never: 8%
- Don’t know: 78%
- Every other year: 2%
- Annually: 6%
- After major network changes: 2%
- Annually and after major network changes: 4%
HIPAA TAKEAWAYS SINCE 2018
- 22% decrease in organizations that conduct vulnerability scans.
- 18% decrease in organizations that conduct vulnerability scans at least quarterly.
- 29% decrease in organizations that perform penetration tests.
- 43% increase in organizations that perform penetration tests at least annually.
Click Here to Download the 2020 Guide to HIPAA Compliance