Healthcare's HNDL stakes are uniquely severe: PHI is sensitive over patient lifetime, often 60+ years. Encrypted traffic harvested today can be decrypted in the 2030s when those records are still actionable. These scores measure public-surface exposure only — internal east-west traffic, EHR integrations, and backup pipelines amplify these numbers 12-40×.
| # | Domain | Score | Grade | Sector | Freshness |
|---|---|---|---|---|---|
| 1 | nyulangone.org | 6.0 | D | — | stale (2d old) |
| 2 | stanfordhealthcare.org | 5.8 | C | — | stale (2d old) |
| 3 | pennmedicine.org | 5.8 | C | — | stale (2d old) |
| 4 | uclahealth.org | 5.6 | C | — | stale (2d old) |
| 5 | kaiserpermanente.org | 5.6 | C | — | stale (2d old) |
| 6 | mountsinai.org | 5.5 | C | — | stale (2d old) |
| 7 | northwestern.edu | 5.4 | C | — | stale (2d old) |
| 8 | providence.org | 5.4 | C | — | stale (2d old) |
| 9 | mskcc.org | 5.3 | C | — | stale (2d old) |
| 10 | cedars-sinai.org | 5.3 | C | — | stale (2d old) |
| 11 | clevelandclinic.org | 5.3 | C | — | stale (2d old) |
| 12 | massgeneral.org | 5.1 | C | — | stale (2d old) |
| 13 | uchicagomedicine.org | 5.1 | C | — | verified 35h ago |
| 14 | mayoclinic.org | 5.0 | C | — | stale (2d old) |
| 15 | houstonmethodist.org | 4.7 | C | — | stale (2d old) |
| 16 | hopkinsmedicine.org | 4.6 | C | — | stale (6d old) |
| 17 | atriumhealth.org | 4.6 | C | — | stale (2d old) |
| 18 | dukehealth.org | 4.4 | C | — | stale (2d old) |
| 19 | vanderbilthealth.com | 4.3 | C | — | stale (2d old) |
| 20 | intermountainhealthcare.org | 4.2 | C | — | stale (2d old) |
Run the same scan we use for this ranking. See your specific findings, get the migration steps, and track the domain so you know when your score improves.