- Netskope -Aport Find almost all health workers use AI tools trained on user data
- HIPAA protected information, passwords, ip and more at risk
- Organizations need to approve AI tools faster
New research from Netskope has blamed health workers for putting their businesses at risk of regular attempts to upload sensitive and regulated data to non -approved locations, including generative AI chatbots like Chatgpt and Gemini.
Highlighting the scope of non -approved tool use revealed the report that 96% of the respondents used apps utilizing user data for training.
In addition to the use of non -approved Genai tools, many violations also came from uploads to personal OneDrive or Google Drive Cloud Storage accounts.
Health workers put your data at risk
The figures claim that 81% of all violations of data protections for privacy on regulated health data such as HIPAA protected information, while 19% involved passwords, source code or intellectual property.
More than two-thirds of Genai users in health care also admitted to having used their personal AI accounts to send sensitive data while at work, which potentially refers to their frustration over confusing regulation and delayed processes.
Netskope noted, “This behavior prevents security team’s visibility over Genai-related activity among their staff.”
“Health organizations must balance the benefits of Genai with the implementation of security and data protection protections to mitigate these risks,” explained Netskope threat Labs cloud threat researcher Gianpietro Cutolo.
Looking ahead, research requires faster implementation of organizational approved Genai applications to reduce the use of Shadow AI-one trend that already begins to slow down, reducing from 87% to 71% in the past year.
Data Data Prevention (DLP) is also an effective strategy to monitor and control access to Genai applications, with more than half (54%) of organizations now using DLP policies compared to 31% last year.
Cutolo summarized: “Health organizations are making progress, but still focusing on safe, company -approved solutions will be critical for ensuring that data remains protected in this developing landscape.”
