A new report from SOTI reveals that 89% of IT leaders in Swedish healthcare say their organization experienced at least one security incident in the past year. Seven out of ten report external intrusions—an unchanged high level compared with last year. The share reporting internal data incidents has declined slightly. Despite some positive signs, concern about IT security is growing, and outdated systems are increasingly cited as a major risk factor.
SOTI’s healthcare report “Vårdens digitala dilemma: Kalkylerad risk och dolda utmaningar avslöjade” is based on interviews with 150 Swedish IT decision-makers and provides an up-to-date picture of technology, security and digitalization within Swedish healthcare.
Security incidents remain high, but there are small positives
This year’s report shows that external security incidents in healthcare remain consistently high. Seven in ten organizations (71%) report having experienced external intrusions or DDoS attacks during the past year—exactly the same level as in 2024.
In contrast, internal security incidents have decreased overall. In 2024, 69% reported some form of internal security incident; this year the corresponding figure is 60%.
The reduction is mainly seen in planned internal incidents. The report shows a significant year-on-year decrease of 54%—from 41% in 2024 to 19% this year. Unintentional incidents remain roughly at the same level: half (52%) report having experienced accidental incidents during the year, compared with 47% last year.
“IT security in healthcare remains under severe pressure, and the demands on IT and security teams in the sector are increasing. Healthcare organizations operate a vast number of technical devices that can represent potential vulnerabilities, while sensitive patient data is an attractive target for cybercriminals. To prevent and mitigate attacks, modern and secure systems that are prepared for today’s threat landscape are required,” says Stefan Spendrup, Head of Northern and Western Europe at SOTI.
IT leaders are increasingly worried about security
Security is becoming a higher priority for healthcare IT organizations. Twenty-seven percent of respondents say data security is their greatest concern, up from 21% in 2024. Nearly one in five respondents (19%) still lack the ability to detect new devices that connect to the network. Although this is an improvement from 28% last year, it remains a significant security risk.
Outdated systems identified as a key risk
The report highlights outdated IT systems as an increasingly clear risk factor for healthcare IT security. Ninety-eight percent of respondents report that their organization uses legacy systems (97% last year). Awareness of the risks posed by outdated systems has increased substantially: 55% now say legacy systems make their networks more vulnerable to security incidents, compared with only 25% last year. This more-than-doubled share indicates growing recognition of how aging IT infrastructure affects security.
“It’s encouraging that more organizations recognize the important link between systems and security. Many healthcare providers are stuck on older systems, making it difficult to maintain visibility and control of their IT environments. With modern IT solutions, healthcare can gain real-time insight into devices and applications and respond quickly to anomalies and issues. In a field where every minute matters, IT security must be proactive,” says Stefan Spendrup.
Summary of this year’s findings
89% report their organization experienced at least one security incident since 2023 (91% in 2024)
71% have suffered external intrusions or DDoS attacks (unchanged from 2024)
60% have experienced internal security incidents (69% in 2024)
- 52% accidental (47% in 2024)
- 19% planned (41% in 2024)
98% report using outdated IT systems (97% in 2024)
55% say outdated technology increases vulnerability (25% in 2024)
27% say data security is their biggest IT-related worry (21% in 2024)
19% cannot detect new devices on the network (28% in 2024)
Download the report here: Vårdens digitala dilemma: Kalkylerad risk och dolda utmaningar avslöjade
Report methodology
SOTI’s 2025 healthcare report is based on an international survey of 1,750 IT decision-makers across eleven countries, offering a current view of how the healthcare sector is digitalizing. The survey included 200 respondents each from the US and the UK, and 150 respondents from Sweden, Canada, Mexico, Germany, France, the Netherlands, Australia, Italy and Spain.
About SOTI
SOTI is an established innovator and industry-leading provider of solutions for business-critical mobility. With an innovative product portfolio of smart, fast and reliable solutions, SOTI helps customers streamline mobile operations, maximize ROI and minimize downtime. Serving more than 17,000 customers worldwide, SOTI is a recognized provider of mobile platform services for device management, security and support of business-critical devices. With world-class support, SOTI’s customers can elevate their mobility to a new level.