---
title: "Healthcare Organizations Still Reluctant to Protect Themselves from Phishing Attacks | Phish Protection"
description: "What"
image: "https://phishprotection.com/og/blog/healthcare-organizations-still-reluctant-to-protect-themselves-from-phishing-attacks.png"
canonical: "https://phishprotection.com/blog/healthcare-organizations-still-reluctant-to-protect-themselves-from-phishing-attacks/"
---

Quick Answer

What's the old saying? \_Fool me once, shame on you. Fool me twice, shame on me.\_ Apparently the shame is on the healthcare industry.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fhealthcare-organizations-still-reluctant-to-protect-themselves-from-phishing-attacks%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Healthcare%20Organizations%20Still%20Reluctant%20to%20Protect%20Themselves%20from%20Phishing%20Attacks&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fhealthcare-organizations-still-reluctant-to-protect-themselves-from-phishing-attacks%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fhealthcare-organizations-still-reluctant-to-protect-themselves-from-phishing-attacks%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fhealthcare-organizations-still-reluctant-to-protect-themselves-from-phishing-attacks%2F&title=Healthcare%20Organizations%20Still%20Reluctant%20to%20Protect%20Themselves%20from%20Phishing%20Attacks "Share on Reddit") [ ](mailto:?subject=Healthcare%20Organizations%20Still%20Reluctant%20to%20Protect%20Themselves%20from%20Phishing%20Attacks&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fhealthcare-organizations-still-reluctant-to-protect-themselves-from-phishing-attacks%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2019/11/phishing-protection-8352.jpg) 

What’s the old saying? _Fool me once, shame on you. Fool me twice, shame on me._ Apparently the shame is on the healthcare industry.

Despite [numerous](https://ocrportal.hhs.gov/ocr/breach/breach%5Freport.jsf) successful phishing attacks on healthcare organizations affecting almost **40 million people**, the industry is still not sufficiently motivated to protect itself. From [Security Boulevard](https://securityboulevard.com/2019/11/healthcare-organizations-continue-to-be-a-soft-target-for-phishing-attacks/), “_to date in 2019 there have been 326 Hacking/IT Incidents affecting some 39,050,355 individuals. Of these incidents, 208 of them have been via **email phishing attacks**_.”

![Phishing protection](https://media.mailhop.org/phishprotection/images/2019/11/phishing-protection-8352.jpg) 

This is confirmed in an article on [Data Breach Today](https://www.databreachtoday.com/blogs/email-breaches-growing-healthcare-challenge-p-2807?rf=2019-10-18%5FENEWS%5FACQ%5FDBT%5F%5FSlot3%5FBLOG2807&mkt%5Ftok=eyJpIjoiWVROaU1XVXlNRFF4WTJVMyIsInQiOiJEdDF3QWErSFM5XC9ZMzRNUU5hdHdKM0pkK1I4VUxBdEkwNTlkdVJocmIrWXh2bWtyOThOb21rUjUyUGQ0dktxak9FUStVUzZFdDRyUU80VXBGbkVNR3c5S2VDNm1XaEZlM3FtQjVLT3lJZTNIT0kxYWFqTExpc1B3TGlYb1dqUm0ifQ%3D%3D). “Phishing attacks are the primary vector in many of the largest health data breaches being reported to the Department of Health and Human Services these days.” How bad is it? According to [Business Insider](https://www.businessinsider.com/why-healthcare-data-breach-epidemic-will-intensify-2019-4), “Last year healthcare had more cybersecurity breaches than any other industry - and it will likely intensify.”

That these breaches took place is not in dispute. But what is perplexing is the industry’s response to them. So, what has been the industry’s response? From the same Security Boulevard article, “_Privacy and security are health firms’ third-highest priority.” Third?_ What has to happen for it to move up to number one?

It can’t be the cost, because the [cost of HIPAA violations](https://www.accountablehq.com/post/cost-of-noncompliance) from a data breach are enormous while the **cost of prevention** is on the order of pennies per employee per month. Whatever the motivation, something has got to change. And that change is [Phish Protection](/).

> 

Phish Protection is a cloud-based email security service with real-time link click protection.

_Cloud-based means it requires no hardware, no software and no maintenance_. More importantly to healthcare providers, it doesn’t require any additional IT staff.

_Phish protection can be set up in 10 minutes to protect every employee in the company, and on every one of their devices_. In works with any email provider and comes with

- display name spoofing,
- domain name spoofing and
- malicious attachment blocking.
![Protection from phishing](https://media.mailhop.org/phishprotection/images/2019/11/protection-from-phishing-7346.jpg) 

In other words, it **stops phishing attacks**.

The only possible answer as to why a healthcare organization would not invest 10 minutes and pennies a month per employee to **avoid a cyber-attack** is they just don’t know about viable solutions. Well now they do.

If you’re at a healthcare organization, or any organization, that doesn’t have **cloud-based email security** with real-time link click protection, you have no more excuses. Head on over to [PhishProtection.com](/) and try it risk-free for 30 days. Do it.

## Topics

[ Phishing ](/tags/phishing/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Foundational 5m  0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks  Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[  Foundational 4m  13 Spear Phishing Attacks Examples To Justify Investment For Phishing Prevention Solutions In Your Organization  Aug 1, 2019 ](/blog/13-spear-phishing-attacks-examples-to-justify-investment-for-phishing-prevention-solutions-in-your-organization/)[  Foundational 4m  All 14 centers of Kettering Health were affected by a massive ransomware attack, Major outage in the Ohio medical center  May 23, 2025 ](/blog/14-centers-of-kettering-health-were-affected-by-massive-ransomware-attack-in-ohio-medical-center/)[  Foundational 4m  2021 Phishing Trends You Need To Be Wary Of  Aug 2, 2021 ](/blog/2021-phishing-trends-to-be-wary-of/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Healthcare Organizations Still Reluctant to Protect Themselves from Phishing Attacks","description":"What's the old saying? Fool me once, shame on you. Fool me twice, shame on me. Apparently the shame is on the healthcare industry.","url":"https://phishprotection.com/blog/healthcare-organizations-still-reluctant-to-protect-themselves-from-phishing-attacks/","datePublished":"2019-11-20T08:38:14.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2019-11-20T08:38:14.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/healthcare-organizations-still-reluctant-to-protect-themselves-from-phishing-attacks/"},"articleSection":"foundational","keywords":"Phishing","wordCount":412,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2019/11/phishing-protection-8352.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"Healthcare Organizations Still Reluctant to Protect Themselves from Phishing Attacks","item":"https://phishprotection.com/blog/healthcare-organizations-still-reluctant-to-protect-themselves-from-phishing-attacks/"}]}
```