As of October 2025, the American Hospital Association had logged 364 healthcare hacking incidents this year. Unbelievably, 100% of the breached data was unencrypted.

It was either exposed because stolen credentials unlocked access to encrypted data or stored in plain text outside of protected systems.

That’s more than a healthcare cybersecurity statistic; it’s an indictment.

Hopefully, it’s also a wake-up call about how encryption is being implemented, managed and audited across healthcare. If every compromised record could be read, leaders have to ask: Is encryption truly functioning as our last line of defense or merely as a compliance checkbox?

The significance of the “100% unencrypted” finding

The AHA report’s insight hits at the core of healthcare security: encryption. Proper

See Full Page