Ninety four percent of US 80 health care organisations were breached in the past two years according to a study from the Ponemon Institute.
Another 45 percent sustained more than five breaches.
The breaches were due to lost devices, worker- or third-party-induced errors, and malicious hacking.
It cost the US health care industry some US$7 billion (A$6.6 billion) per year.
Spectrum Health CISO Larry Whiteside said attackers targeted health care organisations more frequently as the value of patient data rises.