Healthcare Field Lags In DMARC Adoption: Study

Healthcare emails are far from secure, according to a new study by Agari. 

The study found, for example, that 98% of the top health care companies have failed to protect their customers and business partners from phishing. And not many are utilizing Domain-based message authentication, reporting and conformance (DMARC).  

Agari analyzed the DMARC authentication posture of 549 large firms in the healthcare and pharmaceuticals fields.

It found that:

  • Healthcare is the most targeted sector, and that 92% of domains have carried fraudulent email.
  • Healthcare organizations lag in DMARC adoption — 77% do not utilize it. And of those that do, only two have law enforced-based policies to protect customers from getting fraudulent emails. However, while the percentage is low, there has been an 85% increase in enforcement.
  • Of the companies surveyed, 21% have a none (monitor) policy, allowing them to monitor, if not prevent, authentication abuse.  
  • Agari estimates that 98% of healthcare operators are vulnerable to digital deception. This leaves customers exposed to phishing and fraud, the company says.
  • A mere 1% have a quarantine policy, which redirect messages failing authentication to a spam folder, and the same percentages have a reject policy to block such messages. 



Next story loading loading..