Back to Intelligence

Securing IHH Healthcare AI Deployments: Defending Clinical Workflows & RPA Integration

SA
Security Arsenal Team
May 26, 2026
4 min read

Healthcare AI adoption is scaling. Defenders must secure data pipelines and verify vendor controls for tools like Suki and Covera.

Introduction

The recent acceleration of AI adoption across Asia-Pacific healthcare, highlighted by IHH Healthcare's integration of tools like Suki (clinical documentation) and Covera (revenue cycle automation), marks a pivotal shift in hospital operations. While the business case focuses on operational efficiency and reduced administrative burnout, the security implications are profound. We are effectively increasing the attack surface of Electronic Health Records (EHR) by tethering them to cloud-based AI processors and Robotic Process Automation (RPA) bots.

For defenders, this is not just an IT project; it is a data governance crisis in the making. The risk is no longer just a compromised endpoint, but a compromised AI pipeline leaking Protected Health Information (PHI) or an over-privileged RPA account facilitating lateral movement. We must move beyond "allowing" AI and start strictly controlling the data flow into these models.

Technical Analysis: AI Architecture & Risk Surface

Unlike a traditional CVE disclosure, the risk here is architectural. The integration of third-party AI into clinical workflows creates new trust boundaries that must be inspected.

  • Affected Products:
    • Suki: An AI-powered voice-enabled clinical assistant. It captures audio/transcripts of patient visits, processes them via NLP, and integrates data back into the EHR.
    • Covera: An RPA platform used for claims processing and revenue cycle management. It likely interacts directly with billing databases and web portals of payers.
  • Platforms:
    • Cloud-based SaaS: Data ingestion and processing occur outside the hospital's direct perimeter.
    • Windows Endpoints: Suki (mobile/desktop app) and Covera (RPA agents) execute on hospital workstations.
  • Data Flow & Risk Vector:
    • Egress: Unstructured clinical data (notes, voice) is sent from internal devices to external AI APIs.
    • Ingress: Structured data (ICD-10 codes, billing claims) is injected back into the EHR.
    • RPA Privilege: RPA bots (Covera) often require high-privileged access to billing systems to function, mimicking legitimate user behavior at superuser speeds, making anomaly detection difficult.

Executive Takeaways

As this is a strategic technology adoption rather than a specific vulnerability exploit, we cannot patch a single CVE. Instead, we must implement robust governance around these new vectors.

  1. Strict Data Egress Controls (DLP): Implement granular DLP policies specifically for traffic destined for known AI endpoints (e.g., Suki/Covera domains). Monitor for bulk data transfers or unauthorized PHI fields leaving the environment via non-standard ports or agents.

  2. Vendor Risk Management & Data Residency: Conduct a targeted third-party risk assessment. Verify if the AI vendors (Suki, Covera) use customer data for model training. Contractually demand "zero data retention" for PHI and confirm data residency compliance with local APAC regulations.

  3. Service Account Governance for RPA: RPA tools often rely on service accounts that have broad access. Ensure these accounts are:

    • MFA-enforced (where possible).
    • Geofenced to specific data center IP ranges.
    • Prohibited from interactive logon.
    • Subject to rigorous logging of all scripted actions.

  4. Input Sanitization & Validation: Before clinical notes are processed by AI, deploy intermediate validation scripts to strip out or redact highly sensitive identifiers (e.g., full SSNs, detailed financial info) that are not required for the clinical documentation task, minimizing the blast radius of a potential leak.

  5. Audit Logging of AI Interactions: Treat every AI interaction as a high-value transaction. Enable and centralize logs for all API calls between the hospital network and the AI vendor. Correlate these logs with EHR access logs to ensure that every AI-generated record update corresponds to a legitimate patient encounter.

Remediation & Hardening

To secure these AI workflows effectively, apply the following configuration changes and policies:

  1. Network Segmentation: Place all workstations running RPA agents or AI integration tools in a dedicated VLAN. Restrict egress traffic strictly to the verified IP ranges of the AI vendors (Suki, Covera). Block direct internet access from these endpoints.

  2. Privacy-Preserving Configuration: Configure the AI tools to operate in "Privacy Mode" or equivalent, ensuring that PHI is not used for model retraining. Review the admin consoles of these platforms to enforce data retention limits (e.g., auto-delete audio transcripts after 24 hours).

  3. Least Privilege Access: Audit the permissions assigned to the API keys and RPA accounts used by Covera and Suki. Revoke any unnecessary write access to the core EHR database; where possible, restrict them to API-specific interfaces that validate inputs before committing to the database.

  4. Acceptable Use Policy (AUP) Update: Explicitly prohibit the manual entry of patient data into "Shadow AI" tools (like public ChatGPT) while simultaneously defining the approved usage scope for sanctioned tools like Suki to prevent confusion among staff.

Related Resources

Security Arsenal Healthcare Cybersecurity AlertMonitor Platform Book a SOC Assessment healthcare Intel Hub

healthcare-cybersecurityhipaa-compliancehealthcare-ransomwareehr-securitymedical-data-breachhealthcare-aidata-privacyihh-healthcare

Is your security operations ready?

Get a free SOC assessment or see how AlertMonitor cuts through alert noise with automated triage.

Book a SOC AssessmentSee AlertMonitor in Action