Seventy percent of healthcare organizations report that they have exposed personal information in the past 12 months.

Of those exposures, 30% were detected within three days and 12% were detected within a week, according to a survey of 90 healthcare technology managers by the identity and access intelligence vendor Veriphyr.

Most of the information was exposed by nosy employees, the company told InformationWeek for a Wednesday article.

"While the loss of patient data on hard drives and USB sticks gets a lot of coverage, the top concern of compliance officers is the few employees who misuse legitimate access to snoop on patient data," Alan Norquist, chief executive of Veriphyr, told InformationWeek. "The problem is not authentication to keep the bad guys out, but monitoring the employees who have almost unrestricted access."