The healthcare industry is currently characterized by a high-stakes paradox. On one hand, there is a feverish race to adopt AI to solve systemic issues such as clinician burnout, diagnostic accuracy, and operational efficiency. On the other hand, this rapid acceleration is occurring over a foundation of legacy infrastructure and “shadow” behaviors that threaten to create more problems than they solve.
At Netskope, we recently surveyed North American IT leaders within the healthcare sector to understand this momentum. The findings reveal a landscape of strong adoption meeting significant operational friction. The central question for every CISO and CIO today is no longer “Should we use AI?” but rather: “How do we govern AI innovation before it derails our security?”
The velocity of adoption vs. the gravity of risk
The momentum of AI in healthcare is undeniable. Our research shows that 67% of healthcare organizations are already building their own AI applications, while 52% have signed off on standalone AI apps and are actively integrating AI into their existing SaaS platforms. This indicates a fundamental re-architecting of the healthcare IT stack.
However, this race is being run with a significant blind spot. Half of all healthcare organizations report using AI without any corporate oversight. This phenomenon (known as shadow AI) creates a massive unmanaged attack surface. When clinicians or administrative staff input patient notes into unmanaged LLMs to save time, they are inadvertently putting sensitive patient data at risk.
Perhaps most concerning is the gap in perceived risk. While 50% of organizations are operating in the shadows, only 52% of leaders expressed concern about data leakage from shadow AI. This lack of alignment between usage and oversight is a ticking time bomb for regulatory non-compliance.
The technical debt tax
Why is this oversight so difficult to achieve? The infographic highlights a sobering reality: Legacy infrastructure and technical debt are hampering progress.
– 49% of healthcare leaders report that their current infrastructure is slowing down new AI initiatives.
– 28% say legacy systems are actively holding back innovation.
– One in three highlight budget constraints as their biggest operational challenge.
Healthcare leaders are being squeezed from both sides. There is intense boardroom pressure to rush AI adoption (51%), yet they must navigate this while worrying about AI hallucinations impacting clinical decision-making (51%) and the inevitable data sprawl that follows rapid tool proliferation.
Moving from friction to freedom: modern security architecture
To answer whether AI will create more challenges than it solves, we must look at the security architecture supporting it. Traditional, perimeter-based security is insufficient for an AI world where data is constantly in motion between clinicians, cloud apps, and third-party models.
The path forward requires a shift toward modern security architectures, specifically zero trust and secure access service edge (SASE). These frameworks are the governance layer healthcare needs to make innovation safe and experimentation possible.
According to our survey, healthcare leaders who have embraced these modern architectures are seeing the benefits they actually want:
– 46% report better network performance to support the hybrid healthcare workforce.
– 40% are able to accelerate the launch of new products and services.
– 38% report significant operational efficiency and cost reduction.
Securing the future of patient care
The goal of AI in healthcare must clearly be to improve patient outcomes, and patient care is intrinsically affected by data integrity and system availability. A breach caused by mismanaged AI use is a patient safety issue.
Modern security architectures allow healthcare organizations to:
– Govern AI use: Gain visibility into what AI tools are being used and by whom, shining a light on shadow AI.
– Protect patient data: Ensure that Protected Health Information (PHI) is never leaked into public AI training models.
– Ensure compliance: Maintain a strict audit trail of data interactions to satisfy evolving regulatory mandates.
TL;DR
Healthcare organizations are racing to adopt AI, and the challenges are real. But these challenges are not insurmountable. By moving away from brittle legacy infrastructure and toward a unified, zero trust SASE platform, healthcare leaders can stop fighting AI and start leveraging it as a competitive differentiator.
Innovation doesn’t have to come at the expense of security. When you secure the data, you empower the clinician. When you empower the clinician, you protect the patient.
Take a look at our infographic for a more detailed breakdown of the research findings.