A patient portal is a protected web area where patients sign in to view records, send messages, manage appointments, pay bills, or access other account services. Because it handles personal and medical information, it is a high-value target for attackers and a sensitive point of control for defenders.
In cyber security, portals often sit on the public internet but connect to internal or regulated systems. That makes them part of the attack surface: if credentials are stolen, sessions are hijacked, or the web app is misconfigured, an attacker may gain access to private data or use the portal as a foothold into deeper systems. Defenders monitor login events, unusual resets, admin activity, and changes to web content, and they harden the portal with multifactor authentication, strong session controls, patching, and network segmentation. A secure patient portal helps preserve confidentiality, availability, and patient trust.



