A new report from Guidehouse finds that as health systems continue to face cybersecurity threats and operational complexities, they’re finding they must make greater investments to harden cybersecurity postures and technology capabilities.
WHY IT MATTERS
Based on a survey of 144 provider executives conducted by the Healthcare Financial Management Association, chief financial officers and other healthcare executives reported they saw digital and IT budgets increase by an average of 18.3% from 2019 to 2023.
One in five cited increases of more than 30% over that period, according to an announcement Monday from Guidehouse.
Since 2019, 70% of providers have updated their digital and IT decision-making structures, processes or capabilities.
Most notably, the 2024 Health System Digital & IT Investment Trends report indicates that more than 85% of health systems are increasing their 2024 digital and IT budgets, and almost half project moderate to significant increases. The majority of those surveyed cited needs for resources and operational implementation expenses.
Top investment priorities include cybersecurity (55%), electronic health record modernization (46%), digital care (32%) and advanced analytics, AI and machine learning (31%).
Of those who are decreasing or not changing their digital and IT budgets in 2024, 72% say they lack the funding to do it, says Guidehouse.
THE LARGER TREND
In March, the Biden-Harris Administration proposed considerable healthcare IT spending for 2024 to improve and deepen cross-sector collaboration to defend critical Infrastructure with large earmarks for the Cybersecurity and Infrastructure Security Agency ($3.1 billion), the Office of Veterans Affairs (more than $8 billion to upgrade IT and electronic health records) and other agencies.
On Friday, President Joe Biden averted a government shutdown by signing a temporary spending bill passed by the House of Representatives and the Senate that funds four federal agencies until January 19, 2024, and the rest until Feb 2. The action gives Congress more time to negotiate long-term spending, National Public Radio reported.
Meanwhile, many healthcare cybersecurity leaders are facing pressure with budgets reined in by the economy but cyberattacks gaining intensity, according to the 2023 Voice of the CISO report released in September by Proofpoint.
Smaller hospitals rich with protected health information but grappling with financial stability are also feeling the threat as a prime target of healthcare ransomware attacks, with some calling for the government to create incentives specifically for them.
Wes Wright, chief healthcare officer of Ordr, explained to Healthcare IT News this week that small hospitals cannot afford to protect the large electronic attack surfaces.
“The smaller community hospitals have a bigger problem than everyone else” – they have to choose between cybersecurity protection and patient care devices, he said.
ON THE RECORD
“Success in 2024 and beyond demands investment strategies that are rooted in pragmatic goals to generate meaningful and measurable returns,” Matt Onesko, partner at Guidehouse, said in a statement.
