“Hospitals are a good target for another reason as well: they ‘have not trained their employees on security awareness … and hospitals don’t focus on cybersecurity in general,’ he says. Instead, their primary concern is HIPAA compliance, ensuring that employees meet the federal requirements for protecting patient privacy.”
Source: Why Hospitals Are the Perfect Targets for Ransomware | WIRED