Threat Labs Report: Healthcare 2026

GenAI adoption in the healthcare sector has continued to follow the strong upward trend observed over the past year, signaling sustained momentum in how healthcare organizations integrate genAI into clinical, administrative, and operational workflows. This steady growth reflects increasing maturity and confidence in genAI technologies, as the sector aligns more closely with broader global adoption patterns.

At the same time, healthcare organizations have taken meaningful steps to reduce shadow AI risks by shifting users away from personal genAI accounts and toward organization-managed tools. Over the past year, the use of personal genAI applications has dropped sharply from 82% to 32%, while adoption of organization-managed genAI solutions has risen significantly from 12% to 56%. However, there is a growing overlap of users switching back and forth between personal and enterprise accounts, increasing from 5% to 10%. This trend suggests that organizations still have work to do to match the convenience, accessibility, and features that users expect, even as managed platforms become more widely adopted. This marked shift indicates stronger governance, improved oversight, and a growing preference for managed environments that enhance data protection, compliance, and risk control while still enabling innovation.

In the healthcare sector, the top genAI applications show a slightly different pattern compared to global trends. ChatGPT remains the most widely adopted genAI app, used by 68% of organizations. However, Microsoft Copilot has moved into second place at 63%, surpassing Google Gemini, which stands at 57%. This shift highlights the strong appeal of AI tools embedded directly into productivity and collaboration platforms within healthcare environments. The remaining leading applications include a mix of specialized and workflow-integrated AI tools designed to support clinical, administrative, and operational use cases.

The chart below illustrates how usage of the top genAI applications in the healthcare sector has evolved over the past year, highlighting notable shifts in platform preference. During this period, ChatGPT usage experienced a gradual decline, while Microsoft Copilot and Google Gemini gained momentum, reflecting healthcare organizations’ growing preference for tools embedded within productivity and clinical workflows.

At the same time, newer entrants are emerging quickly. Google NotebookLM has seen rapid uptake, reaching 30% adoption, signaling increasing interest in knowledge-focused and documentation-driven AI tools within healthcare environments. Overall, these trends reflect a diversifying genAI ecosystem in the healthcare sector, as organizations expand beyond early leaders and adopt a broader mix of integrated and specialized solutions.

As genAI adoption continues to expand across the healthcare sector, concerns around data exposure are becoming even more critical. Healthcare organizations rely on genAI for tasks such as summarizing medical documentation, generating reports, and supporting operational workflows, activities that often involve highly sensitive information and significantly expand the attack surface. As genAI becomes embedded in clinical and administrative processes, data protection remains a top priority, especially in the face of ongoing shadow AI risks.

Analysis of data policy violations in the healthcare sector shows that regulated data overwhelmingly dominates exposures, accounting for 89% of incidents, a figure significantly higher than the global average of 31%. Source code and intellectual property each represent 5% of violations. This distribution underscores the uniquely high compliance and privacy risks facing healthcare organizations and reinforces the urgent need for strong DLP controls and tightly governed genAI deployments.

Organizations across the healthcare sector are taking a cautious and highly risk-aware approach to genAI adoption, with many choosing to block specific applications due to security, privacy, and regulatory compliance concerns. While policies vary by organization, certain tools are restricted far more frequently than others, reflecting where perceived risk is greatest. In highly regulated environments like healthcare, blocking entire categories of genAI applications can provide more consistent protection than managing individual tools.

ZeroGPT is the most frequently blocked genAI application at 63%, followed by Particular Audience at 52%, a highly customizable AI platform originally built for retail search and personalization. Particular Audience’s adaptable, internally managed model architecture and limited transparency into how data is processed or retained may raise additional governance concerns in regulated healthcare environments. These patterns indicate that healthcare organizations are not only reacting to risks posed by specific applications but are also reinforcing broader governance strategies to ensure genAI usage aligns with strict privacy, security, and compliance requirements.