Despite high-profile hack attacks, like the Anthem breach in which cybercriminals exposed 80 million medical records, the health-care industry continues to shortchange Americans when it comes to protecting their data. That's the key takeaway from a new cybersecurity report from Forrester.
"When it comes to preparedness, they're woefully behind and that, to me, is the most concerning thing," said Forrester analyst Stephanie Balaouras.
"They've done it begrudgingly and they've done it as something that they need to comply with at the lowest possible cost, as opposed to something they really embrace," she said.
"The focus, to date, has really been more on achieving HIPAA compliance rather than overall privacy," Balaouras said. (The Health Insurance Portability and Accountability Act, known as HIPAA, provides federal protections for personally identifiable information held by providers and their associates, and gives patients certain rights regarding that information.)