Healthcare cybersecurity and ransomware attacks were analyzed in a recent report by Software Advice. According to the report, more than 25% of ransomware attacks directly impact patient care, leading to disrupted medical services, lost data and compromised patient safety.

The report found that the vast majority (87%) of data held in today’s medical practices is digital. Fifty percent of healthcare organizations in the U.S. have now experienced a data breach, with 32% encountering one in the last three years. The survey found that 42% of practices have experienced a ransomware attack, with 48% of these attacks impacting patient data. More than one in four (27%) of these attacks directly affect patient care.

Despite the high risk, 63% of healthcare organizations have a cybersecurity response plan in place, leaving 37% without a formalized strategy to address cyber threats. Without a formalized plan in place, healthcare providers may face significant delays in response times and increased risk of data loss.

Human error and targeted attacks against data security systems are the main causes of breaches. In fact, 74% of healthcare organizations spent fewer than five hours on IT security and data privacy training for their employees in 2023, with 35% dedicating two hours or fewer. With more than half (55%) of healthcare organizations allowing employees to access more data than necessary for their job roles, an increase in employee training is essential to help staff recognize and respond to cyber threats, such as pervasive phishing scams.

Read the report.