Report by Paubox
Shadow AI is outpacing healthcare email security
Key Findings
25% of healthcare organizations have not formally approved any staff use of AI in email.
94% of healthcare organizations have begun updating security policies to address generative AI threats in email.
69% of healthcare IT leaders feel pressured to adopt AI faster than they can secure it.
75% of healthcare organizations say AI has added confusion, not clarity, to email compliance.
58% of healthcare organizations have not signed a Business Associate Agreement (BAA) for an AI email tool so far.
Only 16% of healthcare organizations have trained most (75-100%) of their staff who have access to protected health information (PHI) on AI usage in email.
62% of healthcare IT and compliance leaders have observed staff experimenting with ChatGPT or similar tools even though they’re unsanctioned.
21% of respondents from healthcare organizations believe a Business Associate Agreement (BAA) isn’t required for an AI email assistant.
95% of healthcare organizations report staff are already using AI tools.
83% of healthcare IT and compliance leaders have raised concerns about AI security.
16% of healthcare IT and compliance leaders admit compliance was never consulted before AI email tools were enabled.
41% of healthcare IT and compliance leaders feel confident they could detect improper AI use before a HIPAA violation occurs.
Only 42% of healthcare organizations have signed a Business Associate Agreement (BAA) covering any AI assistant used in email.