New Study Uncovers Behavior of Healthcare Employees Could Lead To Cybersecurity Risks

• 35% of healthcare workers say security policies restrict the way they work and 29% admit to finding ways to work around security policies. 48% are more efficient using apps like DropBox and Gmail.
• Twenty-six percent of healthcare industry workers store their work passwords in a personal journal.
• 78% of healthcare employees feel their personal well-being is more important to them than their job satisfaction.

According to a new study, workers in the healthcare sector are mature, take security seriously and want to do more to protect patient data. However, the industry still has a Shadow IT issue, poor password hygiene and inefficient processes for onboarding new clinicians.

“When the endpoint ecosystem works well, you have a secure, productive and happy workforce,” said Denis O’Shea, founder of Mobile Mentor.

In its inaugural year, The Endpoint Ecosystem study examines how employees perceive privacy, productivity, and personal well-being in the modern workplace. The study defines the Endpoint Ecosystem as the combination of all the devices, applications and tools plus the employee’s experience using that technology. The study presents a groundbreaking look at the tradeoffs between security and employee experience that every employer must face.

HR Technology News: Principal Survey Reveals Retirement Confidence Gap Across Generations

“The Endpoint Ecosystem has always been important, but it became urgent over the last two years when the pandemic forced more people to work remotely, cybersecurity attacks increased, and the Great Resignation forced employers to rethink how they support their employees,” said Denis O’Shea, founder of Mobile Mentor. “When the endpoint ecosystem works well, you have a secure, productive and happy workforce.”

The Endpoint Ecosystem study also highlights the following findings specific to the healthcare industry:

• The healthcare industry has better password hygiene than other industries studied but it is still very poor. Twenty-six percent of healthcare employees write their work passwords in a personal journal and twenty-four percent admit to storing their passwords in notes on their phone. Seventy percent admit to choosing passwords that are easy to remember and 20 percent reset their passwords every day.

• Healthcare has a Shadow IT problem. More than 35 percent of employees say security policies restrict the way they work and 29 percent admit to finding ways to work around security policies. Forty-eight percent of workers believe they are more efficient using non-work apps like Dropbox and Gmail.

• Healthcare workers generally understand the consequence and gravity of a security breach. Sixty-four percent of healthcare workers believe they will get fired for a data breach while 57 percent believe their executives should be fired for a privacy breach. Twenty-eight percent know someone who exposed their employer to a data breach.

• Nearly a third of healthcare employees believe they have not been adequately trained to protect company data. However, the data shows that 59 percent of healthcare workers receive security awareness training monthly or quarterly.

• Bring Your Own Device is a 15-year-old problem that has not yet been resolved in healthcare. Almost all healthcare workers use personal devices but only 51 percent have BYOD securely enabled. Also, 28 percent of healthcare workers allow their family members to use their work devices for personal usage.

• Seventy-eight percent of healthcare employees feel their personal well-being is more important to them. Twenty-two percent said job satisfaction was more important.

• Healthcare workers are waiting nearly three days to get set up with new work devices and making two to three support calls or tickets to get fully onboarded. With a critical shortage of clinical staff, employers need a better onboarding process.

HR Technology News: StaffHealth.com Creates New Division Dedicated to Recruitment Process Outsourcing

In late 2021, Mobile Mentor commissioned CGK to field the study of 1,500 employees across four high-risk and highly regulated industries: healthcare, finance, education and government. Employees were located in the United States and Australia. Each interview consisted of 25 questions to understand how employees are using devices in a post-pandemic world. The goal of the study is to gather data to educate and inform employers how devices in their industries are being used, how to prevent security breaches, and how to best support productive employees.

HR Technology News: Retain Talent With Marymount University’s Online EdD in Educational Leadership & Organizational Innovation