The Israeli Ministry of Health has restricted access to external artificial intelligence (AI) services in all hospitals across the country. The decision aims to strengthen the cybersecurity of the national healthcare system and prevent potential leaks of sensitive medical data.
The restriction was implemented in March this year, following an increase in cyberattacks against healthcare infrastructure during the "Lion's Roar" operation. Despite this, some medical staff are reportedly continuing to access AI platforms using personal smartphones and laptops.
Doctors note that AI has already become an essential part of their daily work. This technology significantly speeds up administrative tasks such as preparing discharge summaries, translating medical and scientific texts, summarizing research, and drafting presentations and grant applications. According to experts, these tools allow doctors to operate more efficiently by reducing the time spent on routine tasks. At the same time, most doctors emphasize that they do not use open AI systems for clinical diagnosis.
Experts believe that a complete block does not eliminate the risks associated with data security. In their opinion, the ban may, in some cases, redirect usage to uncontrolled personal devices, making risks more difficult to track.
Professor Shahar Sheli, a professor at the Technion University Faculty of Medicine and head of the Neurology Department at Rambam Medical Center, stated that while blocking implemented on corporate networks strengthens defense against external cyberattacks, it does not fully solve the problem of confidential data leaks. According to him, when a doctor transmits patient data to an AI system via a personal smartphone, this information is transmitted through channels that the medical institution can no longer control.
Professor Sheli believes that instead of strict prohibitions, the Ministry of Health should develop clear legal and technical standards for AI use, and precisely define which categories of medical data can be transmitted to these systems. This approach, he emphasizes, will more effectively serve both the implementation of innovations and the protection of data security.