The increasing number of cyberattacks on healthcare organizations has made it one of the most targeted industries . Existing security models are failing, particularly given the heterogeneity of hospital networks: legacy systems, unmanaged medical devices, shared workstations, remote access devices, work-from-home devices, and other machines. Many hospitals still operate Windows 10 or older devices, allowing attackers to penetrate systems and launch cyberattacks, violating regulatory and compliance standards (HIPAA, data protection) . Traditional perimeter-based security models are insufficient for modern healthcare environments.
This research analyses the integration of Zero-Trust Architecture (ZTA), Windows 11 security features, clinical workstation protection, and medical device compatibility in hospitals. Implementation aligns with NIST Zero Trust, ISO 42001, and HIPAA security and privacy rules , preparing hospitals for evolving cyber threats. This paper also suggests future research directions to enhance Zero Trust implementation using cloud technologies.