Many popular electronic healthcare record (EHRs) systems and identity access and management (IAM) software supporting e-prescriptions require the use of Java, factors which could account for the higher installed base. But this is bad news for security because Java browser plug-ins are a popular exploit route for hackers.
I strongly suspect that the writer is confusing the word "popular" with "common".
As for requiring Java, this is because these systems were designed and written by utter fuckwits who wanted to do the "modern web thing" but couldn't get the concept of web delivery and "applications" using a standard HTML interface (where we shouldn't have dumb OS dependencies) as they were too hung up on traditional windows applications. So instead they tried to write web applications as if they were rich client applications but in order to get the degree of stupid/control in the interface they found they could only do this using Java, which "obviously" wasn't a problem because it's multi-platform, right? Frustratingly we have a continuation of this level of fuckwittery but instead of Java, "rich client applications" are being coded in JavaScript. Same concept, same stupidity.