
Shadow AI in Healthcare is Here to Stay

Why This Matters

Shadow AI in healthcare presents a significant security risk by introducing unvetted tools that can lead to data breaches and expand attack surfaces. As healthcare providers increasingly rely on AI for critical tasks, unmanaged and unauthorized AI use complicates cybersecurity efforts, especially during ransomware recovery. Addressing shadow AI is essential for safeguarding sensitive patient data and maintaining operational resilience in the industry.

Key Takeaways

The healthcare industry must get ahead of pervasive shadow AI risks that only exacerbate recovery challenges when ransomware and other disruptive cyberattacks inevitably hit.

Physicians, doctors, and clinicians use unsanctioned artificial intelligence (AI) tools and chatbots to boost efficiency in a job where shaving a second off could mean saving someone's life. But security teams can't monitor for potentially damaging threats if they don't know the tools are running in the environment, hence the term shadow AI.

When healthcare professionals use personal devices, unvetted tools, or public large language models (LLMs), they risk introducing new vulnerabilities and expanding attack surfaces. Those threats could lead to data leaks, breaches, and highly sensitive protected health information entering unmanaged environments.

Shadow AI is one risk that Joe Izzo, chief medical information officer for San Joaquin General Hospital, wants to get ahead of, he said during RSAC 2026 Conference last month. Healthcare professionals adopt AI tools to help with dosing, information retrieval, medical searches, and clinical summaries, said Izzo, noting that he's also observed the use of billing cycle assistant tools.

Many of them are not dangerous or necessarily bad, added Izzo. But their unvetted uses, lurking in the shadows, pose heightened security challenges. Raising awareness and using AI securely will help when hospitals are in the throes of ransomware recovery and dealing with enough chaos as it is, he noted.

Shadow AI constitutes a two-fold problem, says Aviatrix CEO Doug Merritt. It doesn't just create a visibility gap; it also creates workloads with unlimited blast radiuses because of the significant privileges these tools require, particularly AI agents.

AI infrastructure isn't strong enough in some places currently, but shadow AI compounds the problem, Merritt tells Dark Reading. And environments for healthcare "hold the most sensitive data in any industry," he says.

“Use AI, Use AI”

Shadow AI activity is ramping up as burnt-out healthcare professionals, working under growing pressures, look to ease burdens. As in other industries, executives are also pushing employees to use AI to boost productivity.
