If MedSecure's password policy produces passwords similar to the RockYou distribution (mostly 8 characters, lowercase with digits), a password audit will reveal widespread weakness.