On the heals of a year fraught with high-profile data breaches, the risk is now greater than ever, and within healthcare, the threat is “persistent and growing” and could reach $5.6 billion next year, according to a report from Experian.

It’s not hard to figure out why – an explosion of data and the realization that personal medical information is often more valuable to hackers than even credit card information.

“The expanding number of access points to protected health information and other sensitive data via electronic medical records and the growing popularity of wearable technology makes the healthcare industry a vulnerable and attractive target for cybercriminals,” the report stated. “Several factors suggest the healthcare industry will continue to be plagued with data breach headlines in 2015.”

Further complicating the picture for healthcare is the fact that many doctor’s offices, clinics and hospitals lack adequate resources to fend of attacks and safeguard patient information, the report said.

Healthcare is still lax compared to other sectors, too, when it comes to security. The report cites a memo from the FBI that was distributed to the industry, saying “the healthcare industry is not as resilient to cyber intrusions compared to financial and retail sectors, therefore the possibilities of increased cyber intrusions is likely.”

What’s more, in healthcare, employee mistakes are as big of a threat as cybercriminals, the report said.

“Employees and negligence are the leading cause of security incidents but remain the least reported issue,” the report said.

Internal mistakes accounted for 59 percent of all security incidents in the last year. As such, the industry can expect a rise in legal and regulatory scrutiny in 2015, according to the report. Making matters worse yet, currently only 54 percent of organizations say they conduct security awareness for employees.

Across all industries, a significant shift in accountability is underway when it comes to accountability, with cyber attacks having expanded from a “tech problem to a corporate-wide problem,” the report said.

“In 2015, scrutiny of corporate leadership’s management of security may continue to increase in the form of critical media coverage and legal and regulatory scrutiny in the wake of a major incident,” the report said.

There have been dozens of high-profile breaches, ranging from Sony’s recent woes to one of the largest hospital systems, Community Health Systems reporting a massive breach.