2019 Healthcare Cybersecurity Report

2019 Healthcare Report

Over the past three years, SecurityScorecard has reported on the struggles the healthcare industry faces, noting it often fails to protect patient and organizational data. When compared to other industries historically, healthcare has been one of the lowest security ratings performers. In this year’s report, SecurityScorecard looked at 26,204 companies from September 2018 to January 2019 and analyzed terabytes of information to assess risk across ten risk factors. The healthcare industry ranked in the middle of the pack this year amongst 18 industries.

Key Report Insights:

  • The healthcare industry ranks eighth out of eighteen other major U.S. industries.
  • Ranks eighth out of eighteen for application security when compared to other major U.S. industries.
  • Ranks thirteenth out of eighteen in DNS health when compared to other major U.S. industries.

“It’s no secret in healthcare, significant risk exists in the supply chain and it's increasing as systems supporting clinical and administrative processes are migrating out of our data centers and into the hands of service providers more and more. Security Scorecard gives us a lens into how seriously our service providers take the security of their platforms. We’re using it as an input into selecting the right service providers, getting the contracts and service levels right, monitoring adherence to those contracts, and to drive honest conversations about security – which are most important.” - Taylor Lehmann, Chief Information Security Officer, Wellforce and Tufts Medical Center