There was an internal email circulated about the poor quality of encryption used at two health care providers.
https://www.ssllabs.com/ssltest/analyze.html?d=www.blueshieldca.com&s=165.253.34.12&latest
https://www.ssllabs.com/ssltest/analyze.html?d=healthy.kaiserpermanente.org
How can they be so careless?