An independent cybersecurity review across major Texas hospitals and healthcare systems reveals a wide range of results. Many organizations handle sensitive communications daily, yet show significant gaps in email authentication and transport security.
Using data from audit.emailmenow.com, we evaluated each domain across email, website, and network security — including SPF, DKIM, DMARC, MTA-STS/TLS, and security headers.
Cybersecurity Scores of Major Texas Healthcare Systems
Overall compliance scores from audit.emailmenow.com, measured June 5, 2026. Re-run any domain at the link to verify.
| Rank | Organization | Domain | Overall Score | Performance Level |
|---|---|---|---|---|
| 1 | Houston Methodist | houstonmethodist.org | 85% | Strong |
| 2 | UT Southwestern | utsouthwestern.edu | 68% | Above Average |
| 3 | Christus Health | christushealth.org | 64% | Above Average |
| 4 | MD Anderson Cancer Center | mdanderson.org | 60% | Above Average |
| 5 | Baylor Scott & White | bswhealth.org | 60% | Above Average |
| 6 | Texas Health Resources | texashealth.org | 60% | Above Average |
| 7 | Memorial Hermann | memorialhermann.org | 51% | Average |
What the Results Reveal
- Scores span 85% down to 51% — only 1 of 7 organizations reach a “Good” (70%+) posture.
- 1 of 7 scored below 60%, leaving staff, students, patients, or clients exposed to phishing and impersonation.
- Weak authentication undermines the HIPAA Security Rule and increases ransomware and business email compromise risk.
See also — national audit
Recommendations
- Enforce DMARC, strict SPF, and DKIM; add MTA-STS and security headers.
- Document cybersecurity policies and staff training appropriate to your sector.
- Run periodic domain audits before incidents drive emergency remediation.
Check any organization’s posture. Run a free Instant Cybersecurity Audit at audit.emailmenow.com/?industry=healthcare-practices.
Contact EmailMeNow IT Consulting for help with email security hardening and compliance documentation.
Source & methodology: Overall compliance scores from the free scan at audit.emailmenow.com, measured June 5, 2026 — each domain checked for email authentication (SPF, DKIM, DMARC), transport security (MTA-STS/TLS), website security headers, and network security. Re-run any domain at the link to verify.