This document discusses the risks of cybercrime for healthcare organizations and patient data. It begins by outlining how cybercrime has increased risks to patient data and the liabilities organizations face for data breaches or non-compliance. It then provides examples of real data breaches and the large fines organizations have faced. The document recommends that organizations perform risk assessments, have outside security reviews, implement key security controls like strong authentication and encryption, and educate employees on security policies and controls. Regular re-assessments are also advised to address evolving threats.