Sonic Healthcare Balances AI Opportunities and Cybersecurity with a Zero Trust Architecture

A global leader in healthcare, Sydney-based Sonic Healthcare recognizes how Artificial Intelligence (AI) and AI-first operations are reshaping the industry and are proactively leveraging these technologies to better serve our patients and enhance our operations. We use AI agents to help improve patient engagement, enhance diagnostic accuracy, and reduce administrative burden. We have fully integrated machine learning (ML) and AI into our operations—from our general practice and corporate medicine to laboratory medicine, pathology, radiology, and other specialties.  As such, we have shifted our approach from unmanaged AI usage to secure AI usage. Adopting the Zscaler zero trust approach to AI security enables us to balance oversight with regulatory requirements. 

AI: An ally for healthcare practitioners and patients 

Healthcare providers are using AI as a “digital colleague” to complement human expertise by offering benefits such as personalized treatment plans, real-time monitoring of health metrics, better diagnostics, efficient administration and improved ailment detection. Patients are also more empowered through access to AI-driven mobile apps that monitor their health metrics. They can have their queries answered by chatbots and even consult with doctors remotely. Using ambient documentation technology (AI-powered tools that record patient visits in real time), medical consultations are automatically converted into structured notes, reducing manual documentation and increasing provider productivity. Autonomous agentic AI helps with diagnosis and patient scheduling, easing the burden on available resources while meeting diagnostic demands.

With AI technologies, healthcare organizations have access to: 

• Real-time predictive analytics with continuous monitoring, ensuring timely treatment and diagnosis
• Optimized workflows with ambient AI tools that streamline repetitive administrative tasks
• Improved diagnostic accuracy through AI algorithms that excel in complex pattern recognition in medical imaging
• Faster disease detection and diagnosis by flagging abnormalities in imaging in real time
• Personalized treatment plans through processing of extensive patient data to enable customized treatment plans

Hesitancy in AI adoption 

As the AI toolbox for healthcare expands to support practitioners and patients by analyzing vast datasets, there is still significant resistance to its adoption. The healthcare industry is a prime target for ransomware and AI-enabled threats, causing concern about potential compromise of sensitive medical and personal data. Moreover, with heavy administrative loads, “shadow AI tools” that bypass IT oversight are commonly used, risking sensitive data exposure. 

Another reason for mistrust in AI is the use of legacy Electronic Health Records (EHRs) that prevent AI tools from melding seamlessly into the workflow. Replacing these legacy systems with AI tools would mean high upfront investments. Additionally, there is a lack of skilled resources to develop and maintain new AI systems.

Organizations also face the issue of fragmented, inconsistent data that undermines data quality and model performance. Existing data models often eliminate large sections of the population, leading to algorithm bias, amplifying societal inequalities, and causing an ethical dilemma. Alongside, there is a requirement to comply with stringent regulations like General Data Protection Regulation (GDPR), Australian Privacy Principles, Health Insurance Portability and Accountability Act (HIPAA) and the new EU AI-act. 

What is the way forward? 

Taking a proactive approach toward secure AI adoption will enable healthcare organizations to take full advantage of its game-changing opportunities with confidence.

Instead of implementing a blanket ban, healthcare providers can integrate these tools into their framework to augment human expertise. AI tools can help providers ease skill shortages, improve prioritization and demonstrate tangible metrics with faster diagnostics, increased efficiencies, and cost savings. By blocking AI tool usage altogether, they run the risk of “shadow AI,”, with no organizational oversight and the potential for elevating risk. Instead, by approving secure usage of AI tools, organizations can help maintain both security and regulatory compliance.

Zero trust: the panacea for combating AI-powered threats 

In an era where AI is reshaping industries, healthcare providers must break through any reluctance they have to embrace AI and remain competitive. Finding the right security partner who can mitigate risk with zero trust architecture will help align AI technology with a human-centric approach. Most organizations that adopt AI tools, use them to enhance, rather than replace human insight. They implement the 70/30 rule, where AI is deployed to handle 70% of repetitive, data-heavy tasks and healthcare professionals retain 30% of the tasks. 

At Sonic Healthcare, we have moved the needle by shifting to zero trust, which delivers the optimal data protection and cybersecurity defense, along with automation and productivity gains. Zero trust is a proven framework that has at its core the principle that trust must be continuously earned through verification and not granted by default at one single point of time based on network location. With granular cloud access security broker (CASB) rules, we can enforce precise block and allow policies over AI application usage, AI, user data activity, and file-level security. 

With zero trust AI security embedded in our architecture, AI applications and agents are continuously authenticated and verified. Using ML, behavioral baselines are established to flag subtle anomalies and prevent threats. Through micro segmentation, AI workloads are isolated to protect against potential breaches. This ensures automated containment so malware cannot move laterally from a compromised device. Moreover, patient data is fortified by least-privilege access, so AI tools can only access information required for the task at hand.

Zero trust enables us to use AI tools responsibly and confidently, without putting the organization or and our patients at risk. At Sonic Healthcare, integration of AI tools is an evolutionary journey. While I advocate AI adoption, I want to reiterate that blind adoption of AI is not the call. Partnering with the right experts for a zero-trust security framework will allow healthcare organizations to define the scope for its AI implementation within their unique environment and determine specific guardrails for users to access AI and data resources. 

An optimal zero trust strategy balances AI advancements with data protection, supporting a patient-centered approach.

Explore how Zscaler secures AI innovation for healthcare organizations

To learn more about how you can secure AI while enabling innovation, download our “Securing Healthcare’s AI Revolution” ebook.

The ThreatLabz 2026 AI Security report found that the healthcare industry generated the most AI/ML transactions by volume. Read the full report.   

Learn more about Zero Trust to Modernize Healthcare Cybersecurity.