New Ponemon Institute Research Shows Ransomware Attacks on Healthcare Delivery Organizations Can Lead to Increased Mortality Rate

An Independent Analysis of Nearly 600 Providers Also Demonstrates How COVID-19 Has Reduced Their Ability to Defend Against Cyber Threats

BOSTON--()--Ponemon Institute, the pre-eminent research center dedicated to privacy, data protection, and information security policy, surveyed 597 IT and IT security professionals to understand how COVID-19 has impacted how healthcare delivery organizations (HDOs) protect patient care and patient information from increasing virulent cyberattacks, especially ransomware. The independent research report, entitled The Impact of Ransomware on Healthcare During COVID-19 and Beyond, was commissioned by Censinet, the leading healthcare IT risk solutions provider.

For the first time, this research shows that ransomware attacks on healthcare organizations may have life-or-death consequences. Nearly one in four healthcare providers reported an increase in mortality rate due to ransomware. The onset of COVID-19 introduced new risk factors to HDOs, including remote work, new systems to support it, staffing challenges, and elevated patient care requirements. The research focuses on helping CIOs, CISOs, and healthcare risk executives understand the extent to which HDOs are being targeted and ascertain the impact of those attacks. Both are covered in-depth in the key findings section of the report.

“Our findings correlated increasing cyberattacks, especially ransomware, with negative effects on patient care, exacerbated by the impact of COVID on healthcare providers,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. “We also analyzed steps that HDOs are taking to protect patient safety, data, and care operations to determine what is working since so many respondents have been victims of more than one ransomware attack.

The report highlights the following impact of ransomware on patient care:

  • Increase in mortality rate
  • More complications from medical procedures
  • Delays in procedures and tests that resulted in poor outcomes
  • Upturn in patients transferred or diverted to other facilities
  • Longer lengths of stay

“The combination of data breaches, ransomware attacks, and COVID-19 has created the perfect cybersecurity storm and worst two years on record for IT and security leaders in healthcare,” stated Ed Gaudet, CEO and Founder of Censinet. “The Ponemon Research results are an urgent wake-up call for the healthcare industry to transform its cybersecurity and third-party risk programs or jeopardize patient lives.”

Ponemon Institute and Censinet will present the details of the independent research report in a webinar entitled “Understanding the Impact of Ransomware on Healthcare During COVID-19 and Beyond.” It will be presented live on Wednesday, September 29, 2021, at 12:00 PM ET and features Dr. Larry Ponemon and Ed Gaudet, both leading advocates and experts in the healthcare information industry. Register here

To receive a copy of the research report, The Impact of Ransomware on Healthcare During COVID-19 and Beyond, or to learn more about the impact of ransomware on patient care, please visit

About Ponemon Institute

Ponemon Institute is dedicated to independent research and education that advances responsible information and privacy management practices within business and government. Our mission is to conduct high-quality, empirical studies on critical issues affecting the management and security of sensitive information about people and organizations. We uphold strict data confidentiality, privacy, and ethical research standards. We do not collect any personally identifiable information from individuals (or company identifiable information in our business research). Furthermore, we have strict quality standards to ensure that subjects are not asked extraneous, irrelevant, or improper questions.

About Censinet

Censinet, based in Boston, MA, enables healthcare organizations to take the risk out of their business with Censinet RiskOps™, the first and only cloud-based exchange that integrates and consolidates enterprise risk management and operations capabilities across critical clinical and business areas. RiskOps builds upon the Company’s foundational success with third-party risk management (TPRM) for healthcare. Censinet transforms healthcare risk by increasing productivity and operational effectiveness while eliminating risks to care delivery, data privacy, and patient safety. Find out more about Censinet and its RiskOps platform at


Rob Ciampa
(617) 286-6785

Release Summary

Ponemon Ransomware Release


Rob Ciampa
(617) 286-6785