Healthcare’s Elite Penetration Testing Services Firm

Hacking attacks and breaches for healthcare entities impact patient safety, system availability and uptime, revenue generation, and regulatory compliance.

Ransomware attacks alone cost US healthcare organizations $20.8bn in 2020 and the average cost of a breach for healthcare entities is $7.13m per event.

Our penetration testing simulates the latest real-world cyberattacks on healthcare organizations and identifies your security exposures before malicious actors can strike.


  • Decades of experience hacking healthcare organizations
  • Safe testing methods to protect patient safety
  • Identify vulnerabilities common to the healthcare industry
  • Findings mapped for compliance with HIPAA, HITECH, PCI-DSS, & NIST
  • Aligned with industry standards like MITRE, OWASP, and OSSTMM
  • Advisors to ONC / HHS on ethical hacking
  • Comprehensive testing and reporting:
    • Multiple avenues of attack and entry
    • Manual testing from our highly specialized and certified team
    • Robust reporting with tech detail and terminology the business can understand
Quote Icon

Ethical Hacking engagement exceeded expectations this year.

They are particularly clever in their attacks. Even our internal defender was excited and thought it was awesome. They had curiosity and cleverness to an attack. Give very high marks.


Large Healthcare System on the East Coast

Quote Icon

I rate our relationship with Meditology a 5 out of 5.

On our Ethical Hacking engagement, everyone was extremely professional and I was very comfortable with the communication and appreciated the knowledge they had. I really enjoyed working with them and would want to work with them again.

Chief Information Officer

Health System on the East Coast

Quote Icon

The Meditology Team is 5-star.

We scheduled a call prior to the Pen Test, then pretty much let them go and tell us what they could find. We had everything scheduled in advance and coordinated, stuck to timelines. Good follow-up and discussions around the findings. And we took some actions and additional steps based on the findings to remediate these issues.


IS Info Security, Large Midwest Health Insurer

Quote Icon

The Meditology Team is 5-star.

Went into it expecting not to find a lot but at the same time expecting to find things I knew would come up, and they did, which is a good sign. We didn’t go down this road to just get a piece of paper – our customers want a 3rd party validation – we are very satisfied with the results.

Engineering Director,

Radiology Solution & Services Company

Quote Icon

Pen tests are extremely valuable on many levels.

Not just scan the network for things that could occur but things that do occur. Value in having Meditology as a partner is extremely high. We have already briefed the CIO and beginning on results roadmap so that level of value has been realized.


Cybersecurity Operations and CISO, Large Health System in the Northeast

Quote Icon

“You don’t know what you don’t know”

What Meditology brought to the table during our Ethical Hacking engagement was of exceptional value to our organization.

Information Services Security Manager

Large Health System in Texas

Quote Icon

We have been a repeat Meditology customer for 4 years

in InfoSec Risk Assessments and Ethical Hacking engagements because of the depth of experience they bring and the value they add. The Meditology Team always jumps in as partners with us.


Large Healthcare System on the East Coast

Quote Icon

For the cost of the Ethical Hacking engagement and what we got, the value was exceptional.

Everything went very well, very smoothly.


Revenue Cycle Management Company

Quote Icon

I’m very satisfied with our Ethical Hacking engagement.

Great communication, great engagement, and Team was easy to work with.

Director of IT Ops

Healthcare Claims Management Company

Quote Icon

Value of the Meditology Hacking engagement

Value of the Meditology Hacking engagement is providing us with opportunities to decrease attacks and take findings and remediation items to make everything safer.

Information Security Engineer

Academic Medical Center in the Northeast

Quote Icon

I am very satisfied.

The Meditology Team is focused on healthcare which we are as well, they do a thorough job, and they came recommended to us by a major children’s hospital who are also very happy with them. This is the second year we’ve done Ethical Hacking with Meditology.

Global Information Security Officer & Data Protection Officer

Dental Software and Practice Management Company

Quote Icon

Our Ethical Hacking engagement value was very good.

It was a strong effort, and will impact what we do going forward.


Not-for-Profit Healthcare Trade Association

Quote Icon

We would rather Meditology than a hacker find any issues.

Things were found but also the engagement reinforced the need to take action on some items, and brought to light issues to our upper leadership team that we need to get some things in place; it expedited it.


IS Info Security, Large Midwest Payor

Quote Icon

Onsite Health Diagnostics has relied on Meditology Services for HIPAA security risk assessment and penetration testing since 2014.

Meditology’s information security services have provided OHD’s customers and business partners with confidence in the seriousness with which we take the our responsibility to protecting their highly sensitive data. We have been more than pleased with Meditology’s professionalism, diligence and responsiveness, and we look forward to working with them for years to come. Since our founding, OHD has been dedicated to exceptional client service, providing stress-free employee health screenings and workforce health data analytics. Our clients, who include Fortune 500 corporations, hospital systems, financial institutions, state & local governments and small businesses alike, rely on OHD’s commitment to privacy and security when it comes to their employee health data.

Kyle Alexander

CEO, Onsite Health Diagnostics

Quote Icon

Dartmouth-Hitchcock has partnered with Meditology Services since 2012.

Over that period of time, they have helped with multiple projects, both large and small, repeatedly delivering as promised. We have come to trust their insights regarding regulatory issues and their vast experience of the healthcare industry when developing security policies, strategies and budgets. We regularly use their ethical hacking skills to test the effectiveness of our security program.  In summary, they have earned our trust and become an integral part of our security toolset.

Peter Merrill

Director of Information Systems, Dartmouth-Hitchcock Medical Center

Quote Icon

“We have been a repeat Meditology customer for 4 years in InfoSec Risk Assessments and Ethical Hacking engagements because of the depth of experience they bring and the value they add.

The Meditology Team always jumps in as partners with us."


Large Healthcare System on the East Coast

Quote Icon

“100% satisfaction with the Meditology ethical hacking team. Extremely adaptable.

Very impressed, every ask we had Meditology Team found a way to get it done.”

Sr. IT Project Manager

Large Healthcare Payer Organization with Multi-hospital Health System