Healthcare Industry plays a pivotal role in every one's life and with rapid advancements in cyber-attack vectors, threat actors and their strategies it has in-need created a necessity and a challenge to the numerous organizations and to the Governments as well, to stand guard and secure the institutes and the data stored with them. To design a secure healthcare system involves several considerations to protect sensitive patient data and ensure the confidentiality, integrity, and availability of information. Lot of work has been published on cyber security along with importance of protecting the Personally Identifiable Information (PII) and patient health records stored in hospitals, and also comparisons were made between paid or licensed tools and open source; however, implementation of the tools in real time was not in place where the financial limitations are a real concern and security is a need. This paper has given insight into important parameters such as risk assessment and security policies etc.