The survey of healthcare leaders identifies how providers are defending against growing cyber threats and the greatest barriers to their ongoing security
PLANO, Texas, March 3, 2025 -- FinThrive, Inc., a healthcare revenue management software-as-a-service (SaaS) provider, and the Healthcare Information and Management Systems Society (HIMSS) today revealed the results of its recent cyber-preparedness and resilience survey of healthcare leaders. Designed to capture hospitals' top priorities and challenges related to cyber-security, the survey comes as the number of healthcare–related cyber-attacks is projected to reach almost 700 (nearly two per day) in 2025, a number that is 10 times the average from 2016-2022, and an increase of 150% from last year per the Office of Civil Rights (OCR).
The survey revealed the top three actions healthcare organizations are utilizing in response to recent cyberattacks within the industry. These are:
- Conducting internal risk assessments;
- Increasing collaboration with, and scrutiny of, third-party vendors; and
- Implementing automated incidence response plans.
Incidence response plans often include prioritizing standby or backup capabilities for claims management and eligibility. In fact, 88% of survey respondents stated they are testing backups regularly to prepare for future cyber-related system downtime.
The survey also identified a trend toward higher investment into cybersecurity capabilities in multi-facility healthcare organizations compared to single-facility healthcare organizations. Respondents shared that adequate cybersecurity measures may require too large of an investment for some organizations, as 67% of smaller providers indicated budget is an obstacle versus 24% of larger organizations who cited budget restraints.
As providers are increasingly focused on cyber resilience, they are investing time and resources to better understand their own risk – and sharing some of the responsibility to manage that risk with their software vendors and partners, who will face more scrutiny moving forward.
Revenue protection is also top of mind to providers, with claims and collections being a key priority. Market pressure on margins and cash flow has created fragility in profitability, as such, insulating cash flow from cyber threats has become a strategic imperative for many organizations. As stated, size matters here, and smaller organizations may have larger vulnerabilities given their lower capital position compared to larger healthcare systems.
"The size of a hospital should never dictate its ability to protect its facility, community and patients in this fast-paced and ever-changing cybersecurity environment," said Hemant Goel, President and CEO, FinThrive. "Although there are significant operational expense challenges facing all healthcare organizations, ensuring providers are working with external partners that they trust and that focus on security as the highest priority, can help lighten the burden on internal stress and resourcing associated with cyber-attacks."
This survey was conducted in October and November of 2024 to gather reactions to a recent wave of cyberattacks in the healthcare industry. A total of 50 respondents were included in the analysis consisting of IT/technology and finance leaders in healthcare at the VP level or above in the United States. Respondents were also screened for being involved in or having awareness of cyber-preparedness and resilience efforts within their organizations.
To learn more about cybersecurity tactics and technology to safeguard your revenue cycle, listen to Chief Information Security Officer, FinThrive, Greg Surla's recent podcast with HIMSS.
Additionally, this infographic provides a detailed look into the current state of healthcare cyber resilience.
About FinThrive
FinThrive helps healthcare organizations increase revenue, reduce costs, expand cash collections, and ensure regulatory compliance across the entire revenue cycle continuum. Providing one of healthcare's most comprehensive revenue cycle management SaaS platforms, FinThrive's holistic approach to revenue management offers patient access, charge integrity, claims management, contract management, machine learning and robotic process automation, data and analytics, and education solutions. Three out of five U.S. hospitals and health systems are using FinThrive today. For more information, visit finthrive.com.
About Healthcare Information and Management Systems Society (HIMSS)
The HIMSS Vision is to realize the full health potential of every human, everywhere. The HIMSS Mission is to reform the global health ecosystem through the power of information and technology. With a global society of 125,000 individuals, 430+ provider organizations, 500+ nonprofit partners, and 550+ health services organizations, HIMSS offers a unique depth and breadth of expertise in digital health transformation, public policy, workforce development, governance, analytics, and cybersecurity to empower health and healthcare leaders, clinicians, and technology partners across the global health ecosystem.
HIMSS provides critical insights, advisory services, educational resources, professional development tools, and networking opportunities to the global health information and technology communities. The HIMSS Global Headquarters is in Rotterdam, the Netherlands, and the HIMSS Americas Headquarters is in Chicago, Illinois. Join our global society at www.himss.org.
This News is brought to you by Qube Mark, your trusted source for the latest updates and insights in marketing technology. Stay tuned for more groundbreaking innovations in the world of technology.
