More than 80% of small healthcare practices expressed confidence in their current HIPAA compliance posture.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcareComplianceHIPAA
Nearly half of healthcare email breaches stem from Microsoft 365 alone.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcareEmailEmail breachesMicrosoft 365
In 2025, healthcare breaches took an average of 224 days to detect and another 84 days to contain—making it over 10 months total.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcareData breachDetection
Vision Upright MRI faced a $5,000 fine plus two years of federal monitoring after a server breach exposed over 21,000 individuals' medical imaging records.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcareData breach
43% of small healthcare organisations reported experiencing a phishing or spoofing incident in the past year.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcarePhishingSpoofing
83% of small healthcare practices believe patient consent removes the need for encryption.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcareEncryption
Solara Medical faced a $9.76 million class-action settlement following a phishing attack.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcarePhishing
64% of small healthcare practices believe patient portals are required for HIPAA compliance.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcareComplianceHIPAA
20% of healthcare practices do not utilise any form of email archiving or audit trail.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcareEmailCompliance
98% of small healthcare organisations falsely believe they are HIPAA compliant.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcareComplianceHIPAA
Over 90% of U.S. healthcare providers operate as small organisations.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
Healthcare
"Small" violations can cost healthcare practices anywhere from $25,000 to $9.76 million per incident.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcareCompliance
Phishing attacks now account for over 70% of healthcare data breaches as of 2024.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcareData breachPhishing
About 50% of small healthcare organisations lack anti-phishing controls beyond default spam filters.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcarePhishingSpam
Nearly 99% of small healthcare organisations have not implemented secure email transfer protocols.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcareEmail
98% of small healthcare practices claim their platforms "encrypt emails by default".
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcareEmailEmail encryption
Sunrise Community Health experienced an email compromise affecting 54,000+ patients.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcareEmail compromise
Only half of small healthcare practices have phishing or spoofing protection enabled.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcarePhishingSpoofingTools
The average small healthcare employee has access to more than 5,500 sensitive files.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcareSensitive data
Salud Family Health had a phishing attack exposing 80,000+ records.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcarePhishing
One-third of small healthcare practices report not having enough time for compliance tasks.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcareCompliance
One-third of small healthcare practices have no clear policies or procedures in place.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025
HealthcarePoliciesProcedures
Agape Health paid $25,000 for emailing protected health information unencrypted.
PauboxWhat small healthcare practices get wrong about HIPAA and email security·Aug 19, 2025