* [Blog](https://origin-researchcenter.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://origin-researchcenter.paloaltonetworks.com/blog/corporate/)
* [CIO/CISO](https://origin-researchcenter.paloaltonetworks.com/blog/category/ciociso/)
* Healthcare Organizations:...

# Healthcare Organizations: How to Get Ahead of Unapproved Cloud-Based File-Sharing Tools

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2F2016%2F01%2Fhealthcare-organizations-how-to-get-ahead-of-unapproved-cloud-based-file-sharing-tools%2F)  
[](https://twitter.com/share?text=Healthcare+Organizations%3A+How+to+Get+Ahead+of+Unapproved+Cloud-Based+File-Sharing+Tools&url=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2F2016%2F01%2Fhealthcare-organizations-how-to-get-ahead-of-unapproved-cloud-based-file-sharing-tools%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2F2016%2F01%2Fhealthcare-organizations-how-to-get-ahead-of-unapproved-cloud-based-file-sharing-tools%2F&title=Healthcare+Organizations%3A+How+to+Get+Ahead+of+Unapproved+Cloud-Based+File-Sharing+Tools&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://origin-researchcenter.paloaltonetworks.com/blog/2016/01/healthcare-organizations-how-to-get-ahead-of-unapproved-cloud-based-file-sharing-tools/&ts=markdown)  
\[\](mailto:?subject=Healthcare Organizations: How to Get Ahead of Unapproved Cloud-Based File-Sharing Tools)  
Link copied  
By [Matt Mellen](https://www.paloaltonetworks.com/blog/author/matt-mellen/?ts=markdown "Posts by Matt Mellen")  
Jan 20, 2016  
3 minutes  
[CIO/CISO](https://www.paloaltonetworks.com/blog/category/ciociso/?ts=markdown)  
[Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown)  
[Healthcare](https://www.paloaltonetworks.com/blog/category/healthcare/?ts=markdown)  
[PHI](https://www.paloaltonetworks.com/blog/tag/phi/?ts=markdown)  
[protected health information](https://www.paloaltonetworks.com/blog/tag/protected-health-information/?ts=markdown)  
[SaaS](https://www.paloaltonetworks.com/blog/tag/saas/?ts=markdown)

Cloud-based file-sharing tools such as Box, Dropbox, SugarSync and Google Drive can cause major security issues for healthcare organizations. And as a former security lead for a hospital, I found that, even if you have an approved cloud file-sharing website, unless you block access to non-approved file-sharing sites, medical practitioners will use whatever they personally prefer to share protected health information (PHI) with colleagues. Your organization may be deploying Box for internal hospital use, for example, but some doctors will still prefer to use Dropbox to store and share PHI -- it's not enough to deploy one approved tool and then hope for the best.

Once you upload PHI data to a popular cloud file-sharing sites, it's very easy to (mistakenly) configure it to be accessible to everyone on the Internet. As you can see in this screenshot of the free version of Dropbox, users do not have the ability to restrict access to specific users. The only option for controlling view access to their file is to select "Anyone with the link" as shown below. This means that if the link is posted to a Reddit conversation or another public forum, anyone would be able to download the files.

[](https://www.paloaltonetworks.com/blog/wp-content/uploads/2016/01/healthcare1.png)  
[![healthcare1](https://www.paloaltonetworks.com/blog/wp-content/uploads/2016/01/healthcare1-500x308.png)](https://www.paloaltonetworks.com/blog/wp-content/uploads/2016/01/healthcare1.png)

Palo Alto Networks is often asked to perform free proof-of-concept exercises at hospitals and other healthcare organizations, and I have found that it is quite common to find web access is enabled to unapproved cloud file-sharing sites.

When I led the effort to disable access to cloud file-sharing sites in my former role, I knew that I couldn't simply block all access without a careful plan. If I had done so, I would have been inundated with tickets from angry doctors wondering what was going on. The reality is that there are likely to be business processes that impact patient care that rely on access to these sites. For this reason I recommend the following high-level plan to decommission access to unapproved cloud file-sharing sites while making sure that clinical processes are not impacted:

1. Confirm CISO/CIO support of your effort to block cloud file-sharing sites.
2. Verify that you have approved alternatives to commonly used, but insecure cloud file-sharing sites. Users will need help to migrate their processes to the approved solution.
3. Determine the users who are accessing cloud file-sharing sites (if you have the capability).
4. Email users a warning that access to cloud file-sharing sites will be blocked on such and such a date.
5. Instruct users to open a ticket with the IT Security team to understand approved file-sharing alternatives.
6. Document a process for approving exceptions, and ensure that exceptions are revisited at least every six months. Require CISO approval for exceptions.

Healthcare organizations can safely enable access to sanctioned cloud file-sharing sites with careful planning and the right security tools, but any such website that is not explicitly approved by the organization should be blocked to avoid HIPAA-reportable incidents -- as soon as possible.

Learn more about Palo Alto Networks [solutions for sanctioned SaaS applications](https://www.paloaltonetworks.com/network-security/saas-security) and [next generation security in healthcare organizations](https://www.paloaltonetworks.com/industry/healthcare).

*** ** * ** ***

## Related Blogs

### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Healthcare](https://www.paloaltonetworks.com/blog/category/healthcare/?ts=markdown)

[#### This Is The Year to Prioritize Cloud Security In Healthcare](https://origin-researchcenter.paloaltonetworks.com/blog/2017/03/year-prioritize-cloud-security-healthcare/)

### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown)

[#### Are You Google Cloud Ready?](https://origin-researchcenter.paloaltonetworks.com/blog/2018/08/google-cloud-ready/)

### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown)

[#### A More Effective Cloud Security Approach: NGFW for Inline CASB](https://origin-researchcenter.paloaltonetworks.com/blog/2017/11/ngfw-inline-casb/)

### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown)

[#### How to Prevent Accidental Data Exposure in the Cloud](https://origin-researchcenter.paloaltonetworks.com/blog/2017/06/data-loss-prevention-prevent-accidental-data-exposure-cloud/)

### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Customer Spotlight](https://www.paloaltonetworks.com/blog/category/customer-spotlight/?ts=markdown), [Security Platform](https://www.paloaltonetworks.com/blog/category/security-platform/?ts=markdown)

[#### Customer Spotlight: How Verge Health Secures PHI on AWS Cloud With the Palo Alto Networks Next-Generation Security Platform](https://origin-researchcenter.paloaltonetworks.com/blog/2017/05/customer-spotlight-verge-health-secures-phi-aws-cloud-palo-alto-networks-next-generation-security-platform/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown)

[#### Aperture Updates Extend SaaS Security to Europe to Help Meet Data Privacy Needs](https://origin-researchcenter.paloaltonetworks.com/blog/2017/03/aperture-updates-extend-saas-security-europe-help-meet-data-privacy-needs/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://origin-researchcenter.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language