A new Paubox report uncovers significant email security vulnerabilities in healthcare. This report reveals that 60% of healthcare organizations surveyed experienced email-related security incidents last year that exposed sensitive patient data. Despite this, most attacks go unreported. Only 5% of known phishing attacks and 4% of known HIPAA email violations are reported to security teams.

Email remains healthcares most vulnerable cyberattack entry point, and IT leaders dont have a handle on it. Andrea Palm, Deputy Secretary of Health and Human Services, emphasizes:Cyber attacks directly compromise patient safety, making robust email security essential.

Report highlights:

A?? 60% of healthcare IT leaders reported email security breaches or security incidents last year.

A?? Only 5% of known phishing attacks are reported to security teams.

A?? Healthcare IT teams arent just dealing with spam or hackerstheyre dealing with infrastructure that undermines their mission.

A?? IT leaders underestimate the costs of a HIPAA violation by a factor of four.

You might think that the gap between incidents and reporting points to a critical training or culture issue. However, 90% of healthcare organizations conduct regular employee training on email security best practices.

Hoala Greevy, CEO of Paubox, states:Healthcare doesnt need more patchwork fixesit needs a mindset shift. Patients expect secure, convenient communication, and its on us to meet that standard. With AI, automation, and built-in encryption, we can proactively defend patient data before threats ever hit the inbox. Thats exactly what we built ExecProtect+ to doeliminate risk at the source, not after the damage is done.