Cyber threats pose escalating risks for healthcare providers

Healthcare continues to rank among the most targeted industries for cyberattacks, as organisations in the sector store vast volumes of personally identifiable information (PII) and sensitive health data.

According to Gallagher, the rising digitisation of healthcare, including telehealth and online medical services, has expanded the attack surface available to cyber criminals, creating new challenges for data protection and operational resilience.

Gallagher’s report highlighted that telehealth providers face heightened exposure due to their reliance on connected systems that can be exploited. “While there are a number of protections that healthcare organisations can employ to safeguard systems and private information, cyber criminals are constantly devising new ways to infiltrate systems or trick people into disclosing information,” the organisation said.

The financial and operational consequences of such breaches are severe, ranging from business interruptions and reputational damage to potential legal actions and regulatory penalties. Smaller healthcare businesses often lack the resources to recover swiftly from cyber incidents, leaving them vulnerable to lasting financial and reputational harm.

Gallagher’s report identified several key areas of cyber risk. Sensitive data remains one of the most exposed categories, as breaches involving PII or personal health information (PHI) trigger mandatory reporting obligations and may involve additional costs, such as legal, forensic and credit monitoring services for affected individuals.

In one case study cited by Gallagher, a telehealth provider’s systems were hacked, blocking access to electronic medical records and leaking data on the dark web. The Privacy Commissioner launched an investigation to assess whether the provider met its data protection obligations. Insurance coverage in this instance included privacy liability costs, regulatory investigation expenses, legal and forensic services and public relations assistance.

Operational downtime presents another key threat. Many healthcare providers depend on technology for record-keeping, prescription processing and communications, making them susceptible to ransomware. Attackers often disable backups, leaving organisations unable to restore lost data.

Gallagher also noted that technology vendors serving healthcare providers may face liability if software errors cause patient harm or financial loss. Furthermore, evolving data privacy laws across Australian states impose differing compliance obligations on healthcare organisations, underscoring the need to maintain up-to-date data governance measures.

Cyber insurance, Gallagher emphasised, has become an essential safeguard. It provides access to technical experts for rapid system recovery and covers financial losses from business interruptions, data restoration and reputational impacts. Gallagher’s report also noted that brokers play a crucial role in guiding healthcare organisations on suitable coverage and developing resilience against increasingly complex cyber security threats.

What are your thoughts on Gallagher’s recent report? Share your insights in the comments below.