- Netskope report finds almost all health workers use the tools of the AI trained in user data
- Information protected with hypa, passwords, IP and more at risk
- Organizations need to approve the fastest AI tools
New Netskope investigation blamed health workers for putting their companies at risk by trying to regularly load confidential and regulated data to unpropped locations, including generative chatbots such as Chatgpt and Gemini.
Highlighting the scope of the use of tools not approved, the report revealed that 96% of respondents used applications that take advantage of the user data for training.
In addition to the use of Genai tools not approved, many violations also arose from loads to personal storage accounts of OneDrive or Google Drive clouds.
Health workers are putting their data at risk
The figures claim 81% of all the violations of privacy of the data involved regulated health data, such as information protected by Hipa, while 19% involved passwords, source code or intellectual property.
More than two thirds of Genai users in medical care also admitted to having used their personal AI accounts to send confidential data during work, which can refer to their frustration regarding confusing regulation and delayed processes.
Netskope said: “This behavior is hindering the visibility of safety equipment on Genai -related activity among their staff.”
“Medical care organizations must balance Genai’s benefits with the deployment of data safety and data protection to mitigate those risks,” said Netskope Labs Labs Gianpietro Cutolo threat researcher.
Looking towards the future, research requires a faster deployment of Genai applications approved by the organization to reduce the use of the AI of shadows, a trend that is already beginning to decrease, reducing from 87% to 71% during the past year.
Data loss prevention policies (DLP) are also an effective strategy to monitor and control access to Genai applications, with more than half (54%) of organizations that now use DLP policies compared to 31% last year.
Cutolo summed up: “Medical care organizations are progressing, but the continuous approach in the safe solutions and approved by the company will be essential to ensure that the data remains protected in this evolutionary panorama.”
