I know many medical devices are very very insecure

The Gambro Phoenix Dialysis machine has an administrative password that's the same for all systems in the world, it lets you do whatever you want, including things that could harm the next patient.

This was common, until the FDA rules update a few months ago.

I get 2-3 notices a year that my data was compromised. So worse than anyone else.

Fax is still very common for transferring patient health information between facilities.

That’s the most secure method

Egregiously bad. Remember wannacry?