EU Industry Benchmark
Healthcare
Anonymized security posture data for the healthcare sector across the EU. Based on 51501 monitored sites.
40.9
Avg. Score /100
D
Avg. Grade
51501
Sites Tracked
0.0
vs. EU Average
Critical findings in this industry
41781 of 51501 without HTTPS redirect
50600 of 51501 with unencrypted email (no STARTTLS)
51382 of 51501 without DMARC protection (spoofable)
22892 of 51501 missing 3+ critical security headers
44978 of 51501 without DNSSEC (vulnerable to DNS spoofing)
50206 of 51501 without CAA records (unrestricted certificate issuance)
51314 of 51501 without MTA-STS (email downgrade attacks possible)
Grade Distribution
Security across Europe
Average security score by country — hover for details, click to explore.
/100 · sites
Score by Country
Hosting & Data Residency
64%
EU-headquartered provider
36%
Non-EU provider (CLOUD Act / Schrems II)
Server location via IP geolocation (MaxMind GeoLite2). Company HQ from ASN registry. A site may be physically hosted in the EU but use a US-headquartered provider subject to the CLOUD Act — per Schrems II (CJEU C-311/18), this requires SCCs with supplementary measures. · GDPR Art. 44–49
All data is anonymized. No individual sites are identified. Statistics updated weekly.