Are Healthcare Portals Secure Enough?

Consumer Survey Reveals Gaps in Consumer Portal Utilization and Perceptions of Security

Balancing  Convenience and Security: What 3,000 Consumers Told Us About Healthcare Portals

Digital health portals – to access online platforms such as health systems, health plans, hospital mobile apps or websites , pharmacies, clinical trials, digital health and wearable apps. –  are quickly becoming the front door to healthcare. From scheduling appointments and refilling prescriptions to reviewing lab results and messaging doctors and healthcare providers, healthcare portals hold the power to make healthcare more convenient and accessible. For healthcare organizations, they also offer a way to contain operational costs, support value-based care and improve health outcomes. 

Despite their potential, healthcare portal adoption still lags. Many consumers aren’t using portals regularly   – or at all.

At the same time, the rise in digitization of patient data has made the healthcare industry an appealing target for cybercriminals. With vast amounts of sensitive patient data and often outdated digital security , the healthcare sector is especially vulnerable to cyberattacks.  . 

Consumers want their healthcare experiences to be as easy as booking a flight or managing a bank account, and they want to feel confident that their personal health information is protected. Striking that balance between convenience and security has never been more critical.

To better understand how consumers use healthcare portals and their perceptions of digital security, LexisNexis® Risk Solutions commissioned a nationwide survey of more than 3,000 adults. The findings reveal a clear tension between healthcare portal use and consumers’ perceptions of data security.

Confidence in Portal Security: Users vs. Non-Users

The survey examined respondents’ perceptions about healthcare data protection broadly, along with their confidence in the integrity and security of healthcare portals. When it comes to the security of their health information within portals, respondents’ confidence levels varied significantly between those who use a portal and those who don’t.

49% of non-portal users said they lacked confidence in the security of their data on healthcare portals, compared to 11% of portal users . This gap demonstrates a key opportunity for healthcare organizations. By educating non-users about security protocols and demonstrating a strong commitment to data protection, organizations can help ease concerns and drive broader adoption of digital health portals. To address consumer confidence in portals, and better engage non-users, organizations have an opportunity to provide more education, evaluate security solutions that can support both human and digital interactions, and demonstrate a strong commitment to safeguarding personal health data. 

How People Use Portals and Why Many Don’t

As people take a more active role in managing their health, digital tools like portals play an essential role. The survey examined the frequency that people use portals and what drives or prevents their use.

When asked how often people access their healthcare portals, 49% of respondents reported using a healthcare portal less than once per month. 16% have never used a portal.

Top reasons for portal use (among users):

  • 63% viewed test results.
  • 50% scheduled an appointment.
  • 42% messaged a provider.

Top reasons for not using a portal (among non-users):

  • 36% would rather talk to a human.
  • 27% lack awareness.
  • 17% have security concerns.

Passwords: Popular but Risky

When it comes to protecting sensitive health data, identity verification plays a crucial role, but consumer preferences don’t always align with the most secure methods. The survey asked people how they prefer to verify their identity when logging into healthcare portals and which methods they believe are most effective. 

A majority of respondents - 58% - said they prefer using a username and password. Further, 52% believe that this method is the most secure form of identity verification. 

The results illustrate a disconnect between perception and reality:

  • In 2022, hackers exposed over 24 billion passwords.1
  • One million passwords are stolen each week.2
  • 81% of company breaches use stolen or weak passwords.2

Data from the annual LexisNexis®  Cybercrime Report found that even though global cybercrime attack rates stabilized in 2024, consumer portals  remain a top target, which is also concerning for organizations and consumers using healthcare patient and member portals. The password reset attack rate in North America increased by 90% as cybercriminals attempt to gain access to existing accounts. In addition, 1 in every 11 new account creations is an attack. 

“The survey shows a clear gap between consumers’ perception of effective identity verification and the reality of how often usernames and passwords are compromised,” says Adam Mariano, president and general manager of healthcare, LexisNexis Risk Solutions. “This disconnect highlights the urgent need for more sophisticated, layered security measures that enhance user trust and convenience.”

Awareness Gaps: A Barrier to Adoption

Security isn’t the only hurdle to wider patient portal adoption; awareness is, too. The survey uncovered notable gaps in basic familiarity and understanding of healthcare portals among certain demographic groups.

Awareness is lowest among non-user lower income individuals, with 32% of respondents making less than $50K a year saying they didn’t know they had a portal or didn’t know how to use it. 41% of non-user 18-34-year olds don’t use a portal because they didn’t know they had one or didn’t know how to access it.

Healthcare portals and other digital health tools are essential for empowering people to make informed decisions, more easily manage their healthcare and ultimately live healthier lives. This lack of awareness of healthcare portals underscores the need for targeted education and outreach to build broader adoption and trust in digital health tools. 

The Case for Smarter, Safer Identity Verification 

To address imminent cybersecurity threats, organizations need to modernize their systems by investing in upgraded identity verification solutions that are not only secure, but also easy to use. A strong defense against cybercriminals should bring together data, generative AI, predictive analytics and a strong understanding of the evolving cybersecurity threat landscape. These solutions will enhance patient privacy and trust without disrupting the patient experience. That’s how healthcare organizations build both trust and adoption in patient portals.

Key Takeaways:

  • LexisNexis® Risk Solutions commissioned a survey of more than 3,000 consumers to understand how they use digital healthcare portals and their perceptions of digital security.
  • Nearly half of non-portal users lack confidence in the security of healthcare portals.
  • Despite their vulnerability to cyberattacks, more than half of respondents prefer usernames and passwords for verifying identity, which may suggest a significant awareness issue about username and password vulnerabilities.
  • Awareness gaps – especially among younger and lower-income individuals – remain a major barrier to portal adoption.
  • Strong, layered identity verification methods are essential to protecting healthcare data without sacrificing ease of use.
  • Healthcare organizations have a clear opportunity to build trust through education, outreach and modern portal security solutions.

In  the Healthcare Portal Utilization and Security Consumer Insights Report, discover how often consumers are using healthcare portals, reasons why they don’t use portals and perceptions of healthcare data security. Explore the full findings.

 

References:

  1.   https://us.norton.com/blog/privacy/password-statistic
  2.   https://tech.asu.edu/features/dont_pass_on_password_protection
     

Contact Us

Please fill out the form below and we'll be in touch shortly, or call us for immediate assistance at
1-866-396-7703