By By Dan Hounsell

Cyber attacks on healthcare IT systems show no signs of slowing down, even as IT managers update and implement new firewalls and procedures designed to prevent the theft of valuable patient data. Unfortunately, gaps remain, especially among smaller organizations.

A new report on data risk in healthcare has found that many organizations have serious security gaps exposing them to risks, according to Healthcare Global. The report, by data security and analytics firm Varonis, includes data from 57 global healthcare organizations in the United Kingdom, United States, France and Germany, compiled using data analysis of 3 billion files.

It revealed that overexposed data and an increased number of highly sophisticated cyber attacks have made healthcare one of the most at-risk sectors in 2021. Key findings from the report include:

• Two-thirds of healthcare organizations have more than 500 passwords that never expire.

• Nearly 20 percent of files are open to every employee in healthcare organizations.

• 31,000 sensitive files are open to everyone.

• More than one-half of organizations have more than 1,000 sensitive files open to every employee.

Smaller organisations in particular had a concerning amount of exposed data, including sensitive files, intellectual property and patient records.