The health care industry rightfully remains vigilant against external cyber threats, with the Director-General of the World Health Organization even labeling file loss from ransomware as potentially “issues of life and death.” Patient safety and the sanctity of confidential health information are paramount—which are also the very reasons health care organizations are prime targets for malicious actors. But as economic headwinds lead to corporate layoffs and government budget cuts dominate headlines, a less visible but equally critical danger demands our attention: The internal risks to hospitals and health care practices triggered by workforce reductions, which can culminate in significant data loss.
The way we work has fundamentally shifted, and this transformation amplifies the risks associated with employee departures. Rather than solely relying on on-premise software to create, store, and manage critical information, most workers use many different cloud-based platforms each day and move data on and off their devices, in and out of the cloud. While this helps facilitate user productivity, it can create risks of unprotected information residing outside the secure confines of systems under management by IT teams at research organizations, diagnostic and laboratory services, and health care providers.
According to the Work Trend Security Report, nearly seven in ten workers routinely save work-related data directly on their work devices, and 52 percent say they do not always back up that data. And private health and proprietary research data may be found elsewhere too. The vast majority use Google or Microsoft cloud collaboration tools and services, as well as other specialized SaaS-based collaboration platforms, for storing essential files. Often, users overlook performing regular data backups when using these platforms, and when layoffs occur, this scattered digital footprint can become vulnerable to data loss or inaccessibility, with critical patient data and intellectual property potentially disappearing without a trace. Organizations are often ill-prepared to retrieve both data at scale and granular data (specific files) that employees have created and dispersed across these various platforms when they leave.
Beyond unintentional data loss due to overlooked backups and distributed storage, a more troubling trend exists: The deliberate deletion of important files. It is a startling reality that one in six workers has witnessed a colleague intentionally erase crucial data before their departure. This phenomenon, sometimes referred to as “rage deletion,” is even more pronounced among those feeling insecure about their job stability. While these disgruntled employees may not be actively stealing information, the outcome is the same: The organization is left without access to vital records and knowledge. In an industry that is heavily reliant on data for patient care, research, and operational efficiency, the loss of critical information can have profound consequences.
The problem is exacerbated by shortcomings in data backup practices. Many employees admit to not regularly backing up files stored on their devices or within critical cloud applications. This is not solely an individual failing; often, organizational strategies fall short as well. Only 30 percent of respondents report that their companies make data backup easy. Understandably, when data protection feels like a cumbersome chore, it is often skipped entirely. In the context of layoffs, departing employees may leave behind a wealth of unprotected files, and poorly managed cloud data further amplifies the exposure. Studies indicate that a large majority of companies store sensitive data, including personal health information and financial details, directly on employee endpoints like laptops and desktops. The risk of this sensitive information being lost, corrupted, or even exposed during layoffs is substantial.
Adding to this precarious situation is a pervasive lack of clarity regarding data protection responsibility. A large share of employees mistakenly believe that safeguarding data on cloud platforms is the responsibility of the service provider, while an even larger group assumes it falls solely under the employer’s purview. This creates an environment where critical data can easily fall through the cracks, particularly during periods of employee transition.
So, what proactive steps can health care organizations take to mitigate these internal risks? Technology and security leaders must begin by thoroughly understanding where critical data resides within their systems and identifying any gaps in current backup tools and recovery processes. Additionally, organizations should consider the efficacy of their data backup and protection solutions. For example, do they require manual intervention or are they automated? Can the solutions scale across the organization from deployment to recovery capabilities? A comprehensive review of existing data protection solutions is crucial.
Equally important is fostering strong partnerships across different departments within the health care organization. Collaboration with the HR department is particularly valuable for gaining insights into overall employee morale and corporate culture, which can serve as indicators of potential insider risks. Incorporating relevant data resilience content into regular security training is essential. Clear and concise instructions on which backup tools to utilize, coupled with streamlined processes and automation, can empower employees to take ownership of protecting their work, without disrupting their work. Establishing robust employee offboarding procedures that include the secure retrieval of hardware and the immediate de-provisioning of access for departing employees is also fundamental to maintaining a strong security posture.
Additionally, integrating cybersecurity awareness into the organizational culture can be key in reducing the risk of data loss during layoffs. Employee sentiment has a direct impact on behavior; disengaged workers are more prone to malicious data deletion. Organizations should prioritize ongoing cybersecurity training that extends beyond initial onboarding, ensuring employees understand the risks associated with both internal and external threats and reinforcing that data protection is a shared responsibility. Leadership must champion this culture by visibly demonstrating the importance of data security.
The potential for significant intellectual property and sensitive patient data loss during health care layoffs is a multifaceted risk that cannot be ignored. Without robust backup protocols, clearly defined accountability, and a deeply ingrained culture of cybersecurity awareness, health care organizations remain dangerously vulnerable during times of workforce transition. By investing in user-friendly, automated backup solutions, promoting cross-departmental collaboration, and delivering consistent employee training, health care institutions can better safeguard their vital data assets and minimize operational disruptions, ultimately protecting the well-being and privacy of their patients. As workforce changes become a reality, proactively protecting intellectual property and patient data must be an intentional and organization-wide priority.
Todd Thorsen is a health care executive.