From Regulation to Resilience: How Health Systems Can Secure Data in the AI Age

From Regulation to Resilience: Best Practices for Securing Healthcare Data in an AI Era

Healthcare attacks are rising fast. Intrusions are up 23% year-over-year, per the CrowdStrike 2025 Threat Hunting Report. AI makes phishing, credential theft and lateral movement easier for attackers. With outcomes and trust on the line, security needs budget, time and focus - now.

The policy shifts you need to track

The proposed Healthcare Cybersecurity Act of 2025 would formalize HHS-CISA coordination, expand real-time threat sharing and fund provider training. Expect short-term compliance lift, especially for rural and independent hospitals, with long-term gains in incident response.

America's AI Action Plan treats AI leadership as a national security priority and encourages wider data sharing. That collides with minimum-necessary access in healthcare. Large models want more data; your duty is to limit exposure and prove control.

The proposed HIPAA Security Rule update would raise the bar on risk analysis documentation, incident notifications, email MFA and encryption for ePHI at rest and in transit. Security improves, operational overhead increases - plan for both.

Data transfer restrictions to foreign adversaries will push vendors to prove where data lives, who touches it and how it's used. Tighten contracts and keep an eye on cross-border flows.

• CISA Healthcare and Public Health guidance
• White House AI policy resources

How AI changes your security posture

AI raises the stakes on governance. Define who can use which models, what data they can touch, where that data resides, how outputs are logged and reviewed, and how incidents are handled. Treat model access like any other high-risk system.

Automation helps. AI-driven detection and response can flag a suspicious login, quarantine an endpoint and enforce policy before humans even see an alert. Done well, that shortens dwell time and limits blast radius.

AI also concentrates risk. Central data lakes for model training are high-value targets. Without strong isolation, de-identification and access controls, a single foothold can expose millions of records.

Watch automation bias. Keep humans in the loop with clear review steps. Over-trusting alerts or model outputs creates gaps attackers will exploit.

Common weak points in health systems

• Legacy tech held together by exceptions and one-off patches.
• Device sprawl across IoMT, wearables and shadow IT that expands your attack surface.
• Talent gaps and limited time for training, leaving staff vulnerable to social engineering.
• Data and security teams working in silos, creating blind spots in inventory and controls.

What good looks like: essential controls

• MFA everywhere, starting with email, VPN, EHR, admin consoles and privileged accounts.
• Zero trust: least privilege, continuous verification, conditional access and strong identity proofing.
• Encryption for ePHI in transit and at rest; managed keys and strict key rotation.
• Network segmentation and secure enclaves for AI training data and model infrastructure.
• EDR/XDR with AI-assisted detection and automated response playbooks.
• Complete asset inventory, including IoMT and unmanaged devices; block or isolate unknowns.
• Third-party and cloud due diligence: data residency, model training rights, logging, and breach clauses.
• Continuous risk analysis, red/blue team exercises and tested incident response with on-call rotations.
• DLP and data classification with guardrails for model prompts and outputs.
• Privileged access management, secrets vaulting and session recording for admins and developers.
• Resilient backups (immutable/offline) with routine recovery drills and RTO/RPO targets.
• Timely patching supported by safe maintenance windows for clinical operations.

A 90-day action plan

• Days 1-30: Map your crown jewels (EHR, PACS/VNA, data lake, identity systems). Enforce MFA on email and VPN. Freeze new data feeds into AI pilots until access reviews are complete.
• Days 31-60: Segment critical systems. Stand up automated incident response for credential theft and lateral movement. Start a device inventory sweep with NAC/MDM/IoMT tools.
• Days 61-90: Run a tabletop exercise that includes AI data loss and ransomware. Patch the top 10 high-risk systems. Update BAAs to address data residency and model training rights.

Metrics that matter

• Mean time to detect/respond (MTTD/MTTR) and percentage of automated containment.
• MFA coverage across identities and systems.
• Patch latency for internet-facing and high-risk assets.
• Phishing failure rate and time to complete remediation steps after tests.
• Number of unknown/unsanctioned devices discovered and isolated.
• Incident response drill frequency and findings closed on time.

Upskill the team

Security is everyone's job - from registration to revenue cycle to bedside care. Provide concise, role-based training on phishing, data handling, AI prompts and model risks. Make it recurring, test it and reward improvement.

If you're building AI capability, add focused learning tracks for clinicians, data teams and IT. Curate short courses that cover safe data use, prompt practices and oversight. You can explore practical options by role here: Complete AI Training by job.

Partner smart

If your team is thin, bring in a partner for 24/7 monitoring, risk analysis, tabletop exercises and AI governance. Require clear SLAs, reporting and knowledge transfer so your staff gets stronger over time.

The path is clear: raise your baseline, lock down data used by AI, and test your response until it's second nature. Regulations are tightening and attackers are faster. Move first.