Healthcare institutions, like other organizations and governments, have progressed from manual to computerized information management during the past decades. However, Swedish healthcare is characterized by a slowness in implementing digitalization, especially electronic healthcare record (EHR). The implementation of IT in healthcare has been tardy for a number of reasons. The security problem, especially with regard to the management of patient information, is one such cause. This paper includes an experience report concerning the security level of different healthcare providers in the Swedish healthcare sector. A number of investigations have been conducted in the Western region of Sweden: The results demonstrate security variances in information security as well as common deficiencies both at the technical and administrative levels. The authentication technique and the users’ lack of security awareness and education are the main weaknesses.