Deliberate attacks generally target insurance data. You can't make much off of knowing someone got a booboo, but insurance fraud is a gold mine.
That isn't to say that ambient malware isn't finding its way everywhere else. The reality is that modalities (CTs, MRIs, etc.), are rarely patched, many are running ancient versions of Windows. Re-imaging systems--sometimes near daily at some facilities--is the normal strategy for addressing malware. Lack of support from the manufacturer being principally to blame. Most facilities have a strong concern for security but there's often an absence of adequately qualified IT staff to address the matter elsewhere in the facility.