Cyberattacks present a threat to the security of patient and other data digitally stored by hospitals, medical facilities, and health care professionals. The most common attack, referred to as "phishing," aims to fool users into providing passwords or other data. Less frequent but still dangerous are ransomware attacks that take control of institutional computer systems until ransoms are paid. Many medical devices used in hospitals are also vulnerable to outside manipulation of their software.

While estimates put the annual number of illicit probes seeking to access hospital data in the billions, only a small number succeed. Even so, their impact is significant. In 2018, according to a July 23 report from Xtelligent Healthcare Media, 15 million patient records reportedly were compromised in 503 data breaches, and 25 million more may have been exposed in the first half of 2019.

The increasing vulnerability of hospitals and medical facilities to damage from cyberattacks is largely due to the now prevalent use of electronic health record keeping coupled with inadequate investment in security measures. Although one-third of health care organizations increased their cybersecurity spending from 2017 to 2018, health care's investment still lags behind those of the financial services and retail industries.-Frank Brodhead