When you hear the word zombie, you probably think of something that’s dead, but still walking around, looking disturbingly alive. In the digital world, zombie phishing works the same way: attackers resurrect old email threads to spread malware or steal credentials, hiding danger inside something that looks completely normal.
These malicious “undead” email messages nudge you to “click here to view the full update” or open an attachment. Why not? It’s part of a familiar conversation, from a trusted contact. But behind that link or file is malicious content that can compromise your organization’s defenses.
Zombie phishing is an ever-growing menace that exploits trust in ways traditional security tools struggle to catch.
What Is Zombie Phishing?
Zombie is a stealthy type of phishing attack that hides amongst your many emails like a wolf in sheep’s clothing. Here’s how it works:
The phisher compromises a real email account, usually through phishing, weak passwords, or lack of MFA. Now they control a legit, trusted account.
Then they scan old emails, looking for existing threads, especially ones with multiple people or unfinished business.
They revive an email thread by replying to a real message with something like: “See the attached update” or “Please review this doc.” The email looks normal because it’s part of a familiar conversation.
They add a malicious payload, which might include a link to a fake login page or a malicious attachment. Since the message is sent from a real account, it bypasses most security filters.
The victim falls for it because they recognize the sender and click. Here they might enter their credentials, download malware, or open a path into the organization.
The attack spreads, and new victims may have their accounts compromised too. The attacker keeps reusing threads, creating new “zombies” to spread the attack further.
Who Should Be Worried?
No one’s immune, but some are in the crosshairs more so than others. Small and medium-sized businesses (SMBs) often lack the robust security budgets of enterprises, making them prime targets. The Cybersecurity and Infrastructure Security Agency warns that SMBs account for 43% of cyberattack victims, with email as the top vector.
Larger organizations aren’t safe either, especially those in finance, healthcare, and manufacturing, where supply chain relationships and high-value transactions create juicy opportunities. Employees at all levels, from receptionists to C-suite executives, must stay vigilant, but finance and HR teams, gatekeepers of funds and sensitive data, are significant targets.
Steps to Fight Back
You can’t just hope your employees will spot every zombie in your inbox, and prevention demands a layered approach, technical, procedural, and human. Here’s how to start:
Lock Down Accounts with Multi-Factor Authentication (MFA):CISA reportsthat MFA blocks 99.9% of account takeover attempts. Make it mandatory for every email login, with no exceptions. A second verification step can stop attacks, even if they snag passwords.
Train the Human Firewall: Awareness is your best defense. Regular training (quarterly refreshers, for example) should teach staff to spot red flags: sudden urgency, odd tone shifts, or unexpected links in old threads. Security awareness training focuses on familiarizing employees with various cyber threats, such as phishing scams, malware, ransomware, and social engineering tactics, aiming to instill a culture of security mindfulness among staff.
Verify Before You Act: Establish a golden rule: no wire transfers or data shares without voice or face-to-face confirmation. The FBI’s IC3emphasizes that this simple step could’ve thwarted countless business email compromise (BEC) scams. Email alone isn’t enough.
Monitor and Audit Email Activity: Establish alerts for unusual logins or email forwarding rules, which are common indicators of a compromised account. Implement logging and alert features to detect suspicious logins, unauthorized forwarding rules, and unusual email activity. These measures ensure that potential threats are identified and investigated promptly, preventing significant harm. Email security solutions, such as Secure Email Gateways (SEG) and Integrated Email Security (IES) applications, are crucial for businesses to combat these attacks. These tools offer real-time monitoring and alerting for suspicious activities, enabling the early detection of compromise before attackers can inflict substantial damage.
Up-to-Date Patches and Update Relentlessly: Keep email platforms and endpoints patched and current. Attackers exploit gaps in unpatched systems to plant malware or harvest credentials. Up-to-date patches are critical to robust security, so vulnerabilities are tackled while reducing malware infections and credential theft. Endpoint Detection & Response (EDR) solutions also provide comprehensive reporting features.
The Road Ahead
Zombie phishing isn’t going away, it’s evolving. With AI now powering 43% of phishing attacks, expect more convincing fakes than ever. VIPRE’s latest threat intelligence shows a 74% rise in non-signature-based threats and a 10% increase in BEC attacks, signaling that cybercriminals are getting smarter and stealthier.
You must adapt and blend defenses with a culture of caution, regular security awareness training, and patch management to ensure vulnerabilities are addressed proactively. Security solutions that deliver real-time insights into emerging threats and integrate email security tools add another layer, monitoring email environments for suspicious logins, unauthorized forwarding rules, and unusual activity. These log and alert features allow teams to investigate potential threats before they escalate into breaches.
It’s not just about protecting data or dollars; it’s about preserving trust in the tools we rely on every day.
Zombie email defense requires preserving trust in the tools we rely on daily. The zombies are out there, potentially lurking in your inbox. The question remains: Are you ready to fight back?
Private practices and outpatient clinics are under sustained pressure to control operating costs while meeting growing expectations around patient access, data security, and regulatory standards. Much of that focus centers on staffing models, revenue cycle performance, and electronic health record optimization. One operational function, however, continues to receive relatively little scrutiny: printing.
Despite widespread EHR adoption, paper remains deeply embedded in daily clinical workflows. Intake packets, consent forms, prescriptions, referrals, insurance documentation, and patient statements are still printed in ambulatory settings. A dispersed practice across departments and devices, the actual cost is often underestimated or unmeasured.
Print cost recovery and analytics are emerging as ways to bring visibility to an overlooked expense and to better manage operational risk.
Printing Continues Throughout the Patient Journey
Paper use begins before a patient ever sees a clinician. Front desk staff routinely print intake forms, privacy notices, and consent documents. Medical assistants and clinicians print treatment summaries, prescriptions, and referral paperwork. Billing teams generate insurance forms, explanations of benefits, and patient invoices.
Individually, these print jobs appear routine. Collectively, they add up to a steady stream of spending on paper, toner, device maintenance, and staff time. Smaller practices frequently depend on older printers that are expensive to maintain and lack basic security features, further increasing costs.
Because printing expenses are typically rolled into general office overhead, many practices lack a clear picture of how much they spend on printing or which workflows drive the highest volume.
Measuring Print as Part of Care Delivery
Print cost recovery systems allow practices to track usage by device, department, user, or document type. When paired with practice management or billing platforms, print activity can be analyzed alongside patient visits and procedures.
That level of detail helps clinics understand where printing supports care delivery and where it reflects habit rather than necessity. For example, a practice may discover that the same forms are printed multiple times per visit or that certain departments generate significantly more paper than others performing similar functions.
This insight supports more accurate cost accounting and helps leaders assess whether print-related overhead is aligned with patient volume and service mix.
Compliance Risks Are Often Overlooked
Cost is not the only concern. Printed documents frequently contain protected health information, making them a potential HIPAA exposure if mishandled.
In busy outpatient environments, documents can be left unattended on printers, picked up by the wrong staff member, or misfiled. These occurrences typically go unnoticed until a compliance review or patient complaint brings them to light.
Print management platforms increasingly include features such as user authentication, secure print release, and detailed audit records. These tools limit access to sensitive documents and create records that show who printed what and when. For clinics subject to audits or internal compliance reviews, that documentation can be critical.
Using Data to Support Digital Workflows
Print analytics also help clinics identify opportunities to reduce paper use without disrupting care. High-volume documents such as appointment reminders, standard consent forms, and insurance verifications are often well-suited for digital delivery through patient portals, secure email, or electronic signature platforms.
By calculating the cost of printing these documents, practices can make more data-driven decisions about allocating funds to digital alternatives. The conversation shifts from preference to evidence, helping leadership teams prioritize technology upgrades that deliver measurable returns.
Accountability Shapes Behavior
When printing costs are invisible, usage tends to grow unchecked. Once practices begin tracking print activity, patterns become harder to ignore.
Some clinics allocate print costs internally by department to encourage awareness of usage levels. Others rely solely on reporting to guide policy conversations and set reasonable expectations. In both cases, the goal is not to eliminate printing but to ensure it is purposeful and appropriate.
Clinics that adopt this method frequently see gradual reductions in unnecessary printing without imposing strict controls that frustrate staff or interfere with patient care.
Data Informs Equipment Decisions
Print cost data can also guide decisions about hardware upgrades. Older printing devices commonly require frequent service, consume more supplies, and lack security features that are now considered standard.
When leaders can point to usage data showing where print demand is highest, they can make a clearer case for replacing inefficient devices with newer, more secure models. That evidence-based approach is critical as capital budgets tighten and technology purchases face greater scrutiny.
A Clearer View of an Overlooked Expense
Print cost recovery is not about shifting costs to patients or penalizing staff. It is about understanding an operational function that has long operated in the background.
For private practices managing thin margins, evolving compliance requirements, and ongoing digital transformation, even modest improvements in visibility can support better decision-making. Printing may never disappear from healthcare, but with the right data, clinics can manage it more deliberately and align it more closely with patient care priorities.
A patient wakes up with knee pain. Instead of calling their primary care doctor, they open ChatGPT, Claude, or Google and type a question. From there, these AI tools pull from what they already know: your reviews, your directory listings, what patients have said about you in forums, and return a short list of recommendations.
You weren’t consulted. You didn’t get a chance to make your case. And you probably have no idea what it said. For the patient, the process feels simple. For healthcare organizations, it raises a new question: what information are these AI tools using to describe your practice?
The Referral Network You’re Not Part Of
For decades, patient acquisition followed a predictable pattern. Another doctor made a referral, the patient had a friend or neighbor who recommended their surgeon, or perhaps a coworker or family member vouched for a nearby specialist. These were human conversations built on relationships, and practices could influence them by delivering great care and building strong professional networks.
Today, the process often begins somewhere else: the search bar. Increasingly, that search leads to an AI-generated summary from tools like Google’s AI Overviews, ChatGPT, or Gemini. Instead of scrolling through links, patients get one synthesized answer. Part of the reason is structural. Younger patients, for example, are less likely to enter the healthcare system through a traditional referral.
According to a national survey from the Cleveland Clinic, nearly two in five Gen Z adults do not have a primary care provider. At the same time, 45% of Gen Zers are enrolled in high-deductible health plans, which typically do not require referrals to see a specialist. Without a PCP guiding the process, many patients start their search online.
When these AI models recommend one provider over another, they influence which practices prospective patients investigate first, and which ones they never see.
AI Is Looking Beyond Your Practice’s Website
Many healthcare organizations assume that if their website is accurate and up to date, they are in good shape. In reality, AI tools pull from a much wider range of sources. They analyze Google reviews and listings on sites like Healthgrades, Vitals, and WebMD, and they scan patient discussions in online forums like Reddit, Quora, and local Facebook groups. Some AI models even incorporate employee feedback from sites like Glassdoor.
Together, these sources form a holistic picture that AI systems use to describe your practice. This means that information a practice rarely monitors, such as an outdated directory listing, an old review thread, or a frustrated patient comment about their parking experience, can influence how AI is summarizing that organization to prospective patients.
How to Show Up Where Patients Are Searching
The first step is surprisingly simple: search the way your patients would. Ask AI tools the questions a prospective patient might ask: “who is the best orthopedic surgeon near me,” “who is the top dermatologist in Phoenix,” “which cardiologist in Dallas has the best reviews?” Then, review the responses carefully. Is the description accurate? Are competitors appearing instead? From there, organizations can begin tracing where those answers are coming from.
When organizations begin running these searches, they often uncover a pattern: certain providers appear frequently, while others are missing entirely. One of the most common reasons is the “silent profile.” Many providers, especially newer physicians or specialists in smaller service lines, simply do not have enough recent reviews or online activity for AI models to confidently recommend them. Even highly respected providers can become invisible in AI-generated answers if their profiles appear inactive or outdated. Maintaining a steady flow of fresh patient reviews and ensuring provider profiles remain active across all platforms like Google, Healthgrades, Vitals, and WebMD can help close that gap.
Your reputation has always been shaped by what patients say about you. What’s changing is how that information gets interpreted. That makes the information surrounding your practice across review sites, directories, and community conversations more important than ever. Healthcare organizations don’t need to become experts in AI, but they do need to understand how patients are searching today, and how those tools are describing them when they do.
By Dr. Ryan Ries, Chief AI and Data Scientist, Mission Cloud.
Every time I walk into a customer meeting or show up at a healthcare-focused event, someone asks the same question: “Ryan, what AI use cases are you actually seeing work in healthcare?”
Following are use cases I’ve personally worked on:
Virtual Patients That Actually Act Like Patients
BreakAway Games came to us with a genuinely interesting problem. They build training simulation games for medical students, nurses, and healthcare professionals. Their existing virtual patient system worked, but it was too clean. Too logical. Real patients don’t present their symptoms like a textbook. They forget details, they misuse medical terms, and sometimes they just don’t know what’s wrong with them.
We built a proof of concept on Amazon Bedrock with AWS Lambda that simulates exactly that kind of imperfection. The AI had to be deliberately constrained, which is the opposite of what you normally optimize for, to reflect realistic patient behavior including limited health literacy and varied language fluency.
We created a scalable platform supporting roughly 24 virtual patient profiles for initial validation, accessible 24/7, without the cost and scheduling nightmare of hiring standardized patient actors. For nursing programs specifically, where we learned that attrition in the first year is devastatingly high, this kind of accessible practice tool is invaluable.
Modernizing Clinical Reasoning Training
Another company we worked with has been building medical education software since 1992, with the same codebase since 2000. They knew it was time to modernize and innovate.
We helped them build a new platform that replaces the old multiple-choice question interface with natural language AI conversations. Students interview virtual patients the way they’d interview a real one. The system is specifically designed to catch “zebra” cases, the rare conditions that hide behind common symptoms.
These two use cases alone tell us that the healthcare education space is ripe for innovation.
Transforming Payment Adjudication
Now for one of my favorite intelligent document processing (IDP) use cases.
Paynela, a healthcare financing company based in Puerto Rico, was drowning in manual claims processing. Reviewing a single claim took up to two business days. Their adjudication process ran six to eight minutes per claim. Everything stopped after business hours.
We integrated Amazon Textract for OCR-based document extraction and connected it to an LLM pipeline through Amazon Bedrock. Claims now process in under three minutes. Adjudication takes one minute or less and accuracy jumped from 90% to 99%. The system runs around the clock with minimal human intervention.
GL Code Automation in Healthcare Procurement
Procurement Partners, an existing Mission MSP customer, was dealing with a tedious manual process: assigning and managing general ledger codes. Time-consuming for their team, frustrating for customers and vendors alike.
We built a solution using AWS Bedrock to streamline how those codes get managed, reducing the burden on both customers and vendors. It’s a narrow use case but it’s also exactly the kind of unglamorous, high-volume workflow where AI pays for itself fast.
Use Cases I’m Watching
Post-Visit Gap
A cardiologist just placed 3rd in Anthropic’s global hackathon by building postvisit.ai — an AI companion that helps patients figure out what to do after a doctor’s appointment.
Patients are confused after visits. Instructions get lost, follow-up questions go unanswered until the next appointment. You end up Googling your questions, only to find conflicting information.
A well-designed AI companion sitting between the visit and the follow-up care fills a real gap.
We actually pitched a nearly identical concept to a customer not long ago. Watching a cardiologist build it over a weekend and get 3.4 million people to pay attention is a reminder that the best AI solutions in healthcare aren’t always the most complex ones. They’re the ones that sit right at the friction point between patient and care.
Patient 360
One of the biggest structural failures in healthcare is that your doctor often doesn’t have the full picture. Your cardiologist doesn’t know what your neurologist prescribed. Your urgent care visit last month never made it into your primary care chart. HIPAA was a necessary step for patient privacy, but it also created walls that fragment care in ways that hurt patients every day.
How many times have you experienced challenges with the healthcare system because of this?
AI is starting to break those walls down. Not by bypassing privacy protections, but by intelligently synthesizing the data that is available into a coherent patient view. When a care team can see the full story (medications, history, test results, monitoring data, etc.) they make better decisions. This is the idea behind a Patient 360 view, and it’s one I think about constantly when we’re designing healthcare AI solutions.
AI in Imaging and Early Detection
This is one of the areas I find most compelling right now. Machine learning and deep learning models can process medical images, test results, and patient records at a scale and speed no human practitioner can match. More importantly, they can surface patterns and anomalies that are invisible to the naked eye, often before a patient shows any symptoms at all.
Early detection changes outcomes. In oncology, cardiology, and neurology, detecting a condition at stage one rather than stage three can mean the difference between a manageable illness and a devastating one. We’re just scratching the surface of what’s possible here.
Personalized Medicine
Right now, treatment is largely population-based. You get the drug that works for most people with your condition. But most people aren’t you.
AI can analyze patient records, genetics, and real-time health monitoring data to predict how a specific individual will respond to a specific treatment. That’s the idea behind personalized medicine and it’s an emerging field that’s starting to deliver real results. Genetic medicine is the frontier here. When we can tailor therapies at the genetic level, we stop treating the average patient and start treating the actual person in front of us. I think this shift will be one of the most significant things AI does for humanity.
What Ties All of This Together
The healthcare use cases that actually work share a few traits. They target specific, repetitive, high-cost pain points, they keep humans in the loop, and they use AI to extend access to training, remove barriers to financial assistance, improve patient outcomes, and provide post-visit guidance.
By Elisabeth Brown, Principal Product Marketing Manager, WebPT.
Most outpatient physical therapy clinics weren’t designed for today’s reality. They were built for a time when staffing was steadier, patient access was easier, and reimbursement was more predictable. That operating model hasn’t shifted much, even as expectations around access, continuity, and sustainability have.
Hands-on care matters. It always will. But lately, clinic leaders and clinicians in different parts of the country are saying the same thing, even when they are not trying to make a point. The fully in-person model is getting harder to sustain.
That does not mean physical therapy is failing. It means the pressures around care delivery have outpaced the structure designed to support it. Reimbursement keeps tightening. Staffing shortages are still very real. Patients want high-quality care, but they also want care that fits into lives that are already stretched thin.
Something has to bend.
Why hybrid care still makes people uncomfortable
Hybrid care tends to get lumped together with what happened during COVID. That is understandable. Many clinicians were pushed into video visits with little guidance and a lot of uncertainty. It felt reactive. For some patients, it felt impersonal. For therapists, it often felt disconnected from outcomes.
That experience stuck. Hybrid became shorthand for watered-down care.
What’s happening now does not look like that at all. Clinics are not trying to replace hands-on work. They are trying to be more intentional about when physical presence is essential and when it is not.
What flexibility actually looks like in practice
There is a common assumption that flexibility means lowering standards. In real clinics, it often means the opposite.
Short virtual check-ins can help patients stay engaged between visits. Questions get answered sooner. Confusion around exercises does not have time to spiral. Patients who might otherwise disappear after the first few visits are more likely to stay connected.
This is not about doing less. It is about reinforcing the plan of care in ways that fit real schedules.
Why flexibility is not something clinics are giving up
The cost conversation misses a larger reality: the fully in-person model is already under strain.
Hybrid care is not a concession. It is a way to protect patient outcomes, clinic economics, and provider sustainability. When patients complete more of their plan of care, clinics see fewer drop-offs, fewer gaps in the schedule, and less pressure to constantly replace lost visits with new evaluations.
Flexibility also changes the rhythm of clinical work. Not every meaningful interaction requires hands-on time in the clinic. Creating intentional variation in the schedule can reduce fatigue and make the workload more sustainable over the long term. In a profession where burnout and attrition continue to shape hiring and retention, that is not optional. It is strategic.
Why video-only telehealth was never the answer
Video-only care tried to do too much at once. It asked technology to stand in for physical assessment, manual skill, and relationship building.
Hybrid care works when it does not make that mistake. Some moments in care absolutely require being in the room. Others require clarity, accountability, or reassurance. Those are not the same thing, and treating them as if they are has been part of the problem.
What this shift actually requires
Hybrid care does not work if it is bolted on without a plan.
Clinics that are making it work decide upfront which visits must happen in person and which ones can happen virtually without compromising outcomes. They help clinicians get comfortable using short virtual interactions with purpose instead of trying to replicate an in-clinic visit on a screen. They pay attention to whether flexibility actually improves adherence and completion, rather than assuming it will.
Most importantly, they stay grounded in why physical therapy exists in the first place. Patients still want human care. Clinicians still rely on hands-on skills and clinical judgment. Hybrid care is not about moving away from that. It is about protecting it in a system that is changing, whether we like it or not.
The fully in-person model is cracking because the world around it has changed. Hybrid care is one way physical therapy can adapt without losing what makes it effective.
Healthcare organizations are rethinking how physical security supports not only safety, but operational resilience, workforce protection, and patient experience. According to healthcare-specific findings from Genetec’s 2026 State of Physical Security Report, hospitals and health systems are prioritizing deployment flexibility, artificial intelligence, and cross-department collaboration amid a measurable increase in physical security incidents.
Based on insights from physical security professionals working in or with healthcare environments worldwide, the report highlights how security strategies are evolving in response to rising threats, staffing challenges, and aging infrastructure.
Hybrid-cloud deployment remains central to healthcare resilience
Hybrid-cloud deployment models continue to dominate healthcare security strategies, reflecting the sector’s need for flexibility, control, and long-term adaptability. Nearly six in ten respondents cited continuous updates and software upgrades as the primary driver for adopting cloud or hybrid systems, followed by cost savings and faster deployment timelines.
Disaster recovery and data ownership also ranked high, underscoring healthcare’s regulatory complexity and the operational risks associated with downtime.
“Healthcare organizations are taking a measured, strategic approach to modernization,” said Dale Martin, Key Account Manager, Healthcare at Genetec. “Flexible deployment options support long-term planning and goals while allowing organizations to adapt as operational and clinical needs evolve.”
For many health systems, hybrid models offer a pragmatic path forward—modernizing without sacrificing control over sensitive data or disrupting mission-critical workflows.
The report reveals that security modernization is increasingly constrained by workforce realities. Training and upskilling staff was identified as the top challenge for healthcare organizations, followed closely by aging IT infrastructure and difficulty attracting and retaining talent.
These pressures are influencing how healthcare organizations set priorities. Rather than pursuing standalone technology upgrades, many are focusing on solutions that simplify operations, reduce manual workloads, and integrate more seamlessly with existing systems.
Looking ahead to 2026, access control emerged as the top planned investment area, followed by AI and video surveillance. The emphasis reflects a shift toward proactive security models that can scale without requiring proportional increases in staff.
AI adoption accelerates across physical security operations
Artificial intelligence is moving from experimentation to operational necessity in healthcare security environments. Nearly half of respondents plan to leverage AI to streamline security processes, signaling growing confidence in AI-driven tools for monitoring, analysis, and response.
AI-enabled security systems can help identify patterns, reduce false alarms, and surface actionable insights faster—capabilities that are particularly valuable in healthcare settings where security teams are often stretched thin and incidents can escalate quickly.
At the same time, the report highlights growing collaboration between physical security teams and other departments, including human resources and facilities management. This reflects a broader understanding that security is no longer siloed, but deeply connected to workforce safety, compliance, and day-to-day operations.
Physical security incidents continue to rise in healthcare settings
The urgency behind these investments is clear. Healthcare organizations reported significant increases in physical security incidents over the past year, including physical attacks on employees, verbal assaults, unauthorized entry, break-ins, and insider theft.
These trends mirror broader concerns across the healthcare sector around workplace violence, access control challenges, and the need to better protect frontline staff. As incidents increase, health systems are under pressure to respond faster and with greater situational awareness.
Security operations become increasingly data-centric
To address rising risks, healthcare organizations are expanding how security data is shared and used across the enterprise. More than half of respondents are now sending access activity data from security operations centers to other systems, while many also share alarms, incident data, and video or audio information.
At the same time, security operations centers are ingesting data from cybersecurity tools, asset monitoring systems, HR platforms, and external threat intelligence sources. This bidirectional flow of information reflects a convergence of physical security, cybersecurity, and operational intelligence.
Rather than serving solely as a reactive function, physical security is becoming an integrated data source that supports broader organizational awareness and decision-making.
Physical security data supports operational and experience goals
Healthcare organizations are increasingly using physical security data to drive outcomes beyond traditional safety metrics. The top objectives cited include improving safety and security, increasing operational efficiency within security teams, supporting regulatory compliance, and enhancing employee and patient experience.
Many organizations are also leveraging security data for occupancy management and space utilization, supporting broader operational efficiency efforts across departments.
As healthcare organizations face mounting pressures—from workforce shortages to rising violence and tighter budgets—the role of physical security continues to expand. The findings from Genetec’s 2026 report suggest that flexible architectures, AI-driven insights, and cross-functional collaboration will be essential to building safer, more resilient healthcare environments.
Amazon One Medical is quietly redefining how patients interact with primary care. With the recent introduction of its Health AI assistant, the company is moving beyond virtual visits and appointment booking into a new phase of AI-guided care navigation.
The development raises important questions for healthcare leaders, clinicians, and patients alike. What is Amazon One Medical. Who can access its AI tools. How might they affect patient care. And where are the boundaries between assistance and automation.
What Is Amazon One Medical
Amazon One Medical is a hybrid primary care organization that combines in-person clinics with digital and virtual care. Originally founded as One Medical, the company was acquired by Amazon in 2023 and now operates as part of Amazon’s expanding healthcare portfolio.
The service offers:
In-office primary care across a national network of clinics
24/7 virtual care through a mobile app
Messaging and video visits with clinicians
Appointment scheduling for same-day and next-day visits
Prescription management and lab coordination
One Medical operates on a membership model, with discounted access available to Amazon Prime members. Patients can also access certain One Medical services on a pay-per-visit basis without a membership.
What Is the Amazon One Medical Health AI Assistant
Amazon One Medical’s Health AI assistant is a personalized, agentic AI tool embedded within the One Medical app. Unlike traditional symptom checkers, this assistant is designed to take action, not just provide information.
The AI assistant can:
Answer health questions using a patient’s medical history, lab results, and medications
Help patients understand test results and care instructions
Guide patients toward appropriate care options, such as virtual care, urgent care, or in-office visits
Schedule appointments directly
Support medication management and prescription renewals
The assistant is powered by large language models hosted on Amazon Bedrock and was developed with input from One Medical’s clinical leadership.
Who Can Use the AI Assistant
The Health AI assistant is not open to the general public.
Access is limited to One Medical members, who use the One Medical app and have an established medical record within the system. This is a deliberate design choice, as the AI relies on longitudinal patient data to personalize responses.
Non-members can still receive care from One Medical clinicians through in-person visits or pay-per-visit telehealth services. However, they do not have access to the personalized AI assistant experience.
How the AI Assistant May Improve Patient Care
Improved Access to Guidance
The AI assistant provides always-on access to health information and care guidance. For patients unsure whether symptoms warrant medical attention, this can reduce anxiety and encourage earlier engagement with care.
Better Care Navigation
By helping patients choose the appropriate level of care and facilitating appointment booking, the assistant reduces friction in accessing services. This is particularly valuable in a system where patients often struggle to understand where to go and when.
Reduced Administrative Burden
By handling routine tasks such as scheduling and medication questions, the AI assistant may reduce administrative workload for clinicians and staff, potentially allowing more time for direct patient care.
Safeguards and Clinical Boundaries
Amazon and One Medical have emphasized that the AI assistant is intended to support, not replace, clinicians.
Safeguards include:
Escalation to human clinicians when medical judgment is required
Clear pathways to schedule appointments or initiate virtual visits
Disclaimers noting that AI guidance does not replace professional medical advice
HIPAA-compliant data handling and encryption
Conversations with the AI assistant are not automatically added to the medical record unless integrated into care workflows.
Legitimate Concerns and Risks
Risk of Over-Reliance
Patients may place undue trust in AI-generated guidance, especially when it appears confident and personalized. Research shows that many users struggle to distinguish between AI advice and clinician advice, increasing the risk of delayed or inappropriate care.
Accuracy and Hallucination Risks
Even well-designed AI systems can produce incorrect or incomplete information. Patient safety organizations have already identified misuse of AI chatbots as a leading health technology hazard due to the potential for misleading recommendations.
Bias and Equity Issues
AI systems can reflect biases present in training data. If not carefully monitored, this may contribute to disparities in guidance or care recommendations across different populations.
Trust and Transparency
Patients and clinicians alike express concern when AI tools operate without clear explanation of their role, limitations, and oversight. Transparency is critical to maintaining trust.
Does This Replace Doctors
No.
Amazon One Medical’s AI assistant does not diagnose conditions, make final treatment decisions, or replace clinician judgment. It functions as a care navigation and support layer, not a provider.
However, it does change how patients interact with the healthcare system. Many decisions about whether to seek care, how urgently to act, and where to go may now be influenced before a clinician is involved.
That influence is meaningful, even if it stops short of clinical decision-making.
What This Signals for Healthcare More Broadly
Amazon One Medical’s AI assistant reflects a broader shift in healthcare:
Patients expect immediate, personalized guidance
Digital front doors are becoming conversational
AI is increasingly shaping care pathways before formal encounters
This has implications beyond One Medical. Health systems, medical groups, and digital health companies must consider how AI-driven guidance intersects with patient access, safety, and trust.
The Bigger Question
The most important question is not whether AI will be part of patient care. It already is.
The real question is whether healthcare organizations can ensure that AI tools guide patients toward timely, appropriate, and equitable care while preserving the central role of clinicians.
Amazon One Medical’s approach offers one early example of how that balance might be attempted. Its success or failure will provide important lessons for the rest of the healthcare industry.
For years, healthcare discovery followed a predictable pattern. Patients searched Google, scanned a list of links, clicked through multiple websites, and gradually decided where to seek care. That model is no longer dominant.
Increasingly, patients are asking artificial intelligence systems the questions they once asked search engines. They are doing so not only through standalone tools like ChatGPT and Perplexity, but also through AI?enhanced search experiences embedded directly into Google itself.
This shift is not theoretical. It is measurable, accelerating, and already reshaping how medical practices and health systems are discovered, interpreted, and chosen.
Patients Are Asking AI the Questions That Matter Most
Patients are no longer just searching. They are consulting.
Instead of short keyword phrases, they ask full, contextual questions. They want to know whether their symptoms are serious, what type of care they need, how quickly they should act, and which provider is best suited for their situation.
This behavior aligns with emerging consumer data. In a 2025 healthcare search survey by Aha Media Group and research partners, 35% of respondents reported stopping with the AI?provided answer, and 23% stopped at the AI result without scrolling further before exploring additional sources. Meanwhile, 76% still used traditional Google search for health queries, but AI participation in the healthcare information journey is substantial and growing.
From my perspective as an AI system, this behavior makes sense. Patients are not looking for ten options. They are looking for clarity. When the question is urgent or emotionally charged, an AI?synthesized answer often feels more helpful than a list of links. That shift changes where influence happens.
Google Is Still Dominant, but the Click Is Losing Power
Google has not been replaced. It has been transformed.
AI?generated summaries, known as AI Overviews, now appear prominently in many search results. When these summaries appear, user click behavior changes dramatically.
According to a Pew Research Center analysis, when results included an AI Overview, users clicked on traditional search result links only 8% of the time, compared to 15% when no AI summary was shown.
Users also rarely clicked on links included within the AI summary itself, doing so in only 1% of such visits.
This means the presence of an AI answer greatly reduces outward navigation. For healthcare organizations, fewer clicks do not mean less demand. They mean decisions are often reached before users ever visit a website.
From an AI perspective, this behavior aligns with the design goal of answering questions efficiently. The system’s priority is resolution of intent, not referral to external content.
Zero Click Search Is Becoming the Norm
Zero click search — where users receive the answer they need on the search page itself and never click to an external site — is no longer a fringe phenomenon.
Pew’s research also found that about 18% of all Google searches in March 2025 triggered an AI Overview, with longer, natural?language, or question?formatted queries more likely to produce these summaries.
Broadly, many modern Google interactions now end without any outbound click. This is especially pronounced in healthcare queries, which are frequently phrased as symptoms or conditions rather than short keyword strings. Search behavior data shows users often leave the search session entirely after AI answers are provided, especially when they feel their query is resolved.
What this means for healthcare leaders is that visibility no longer reliably shows up in website traffic alone. Influence happens inside the answer, not after the click.
How AI Interprets Healthcare Organizations
AI does not browse the web like a human. It synthesizes information from multiple indexed sources and produces a single, conversational answer. Unlike a list of links, a synthesized answer presents what looks like a curated fact set.
That synthesis is powerful, but it has limitations.
A recent Guardian investigation found that Google’s AI Overviews for health queries frequently cited YouTube more than any traditional medical site, even though reputable health authorities like government health agencies and hospital portals exist. YouTube accounted for 4.43% of citations in one study of over 50,000 German health queries, making it the most cited domain overall, despite medical institutions ranking lower.
Health experts have also raised concerns that some AI health answers delivered misleading or potentially dangerous advice, prompting Google to remove certain AI health summaries after review. These issues included incorrect medical interpretation of blood test ranges and oversimplified guidance about diet and disease screening.
In effect, AI becomes an interpreter between healthcare organizations and patients. If the interpretation is unclear, inconsistent, or based on sources with variable quality, confidence drops and alternative options are more likely to be presented.
What This Means for Medical Practices
For independent practices, AI?driven discovery changes not just how patients find them, but how patients arrive.
Many practices are seeing fewer exploratory website visits and more appointment?ready phone calls. Patients often believe they already understand services, insurance acceptance, and appropriateness of care before ever reaching a scheduling page. When those assumptions are accurate, access feels efficient. When they are not, frustration rises quickly.
Practices that rely solely on traditional search rankings may find themselves absent from AI?generated answers, even if they appear on page one of organic results. AI does not rank pages. It selects answers.
Clarity and specificity matter more than ever.
What This Means for Health Systems
Health systems benefit from brand recognition, but that advantage is increasingly segmented.
Patients rarely search for a health system as a whole. They search for specific services, conditions, and locations. AI systems evaluate each of these independently, and often the summarization points to general answers or external high?authority sources rather than institutional pages.
A strong orthopedic department does not automatically elevate cardiology in AI summaries. A flagship hospital does not guarantee visibility for affiliated clinics. Inconsistent service descriptions and outdated access information weaken AI confidence and reduce the likelihood of being recommended.
This fragmentation can create operational pressure. Call patterns shift. Patient access teams feel increased strain. Marketing teams struggle to reconcile changes in traffic with stable or increasing patient demand.
Leadership senses a change without a clear explanation.
AI search is often the missing variable.
AI Search Is a Patient Access Issue
This is the most important reframing.
AI?driven discovery is not just a marketing concern. It is a patient access issue.
When AI systems influence where patients go, how urgent they believe their condition is, and whether they seek care at all, they are shaping care pathways. This matters because healthcare queries often occur in moments of anxiety, uncertainty, or urgency, and users may take the first credible answer at face value.
The responsibility for accurate, clear, and accessible information becomes paramount when systems designed for efficiency also function as gatekeepers to health knowledge.
Measuring Visibility in an AI Influenced World
Traditional metrics like website traffic, rankings, and page views still matter, but they capture only what happens after a click. Increasingly, influence and visibility happen before that moment, inside summaries and answers that are difficult to trace with conventional analytics.
This does not mean measurement is impossible. It means healthcare organizations must expand how they think about brand presence, reputation, and access.
From an AI perspective, the organizations that perform best are not necessarily the loudest or the largest.
They are the clearest.
The Questions Healthcare Leaders Should Be Asking
As AI becomes a primary entry point for healthcare questions, a few questions matter more than any tactic.
Can AI systems clearly understand and explain our services?
Can they distinguish our specialties, locations, and access pathways?
Are we confident in how patient sentiment is summarized?
If a patient asked an AI assistant about us today, would the answer reflect who we actually are?
These are not future concerns. They are present?day realities.
A Quiet but Lasting Shift
AI is not replacing search. It is redefining it.
Patients still search. Google still matters. Websites still matter. But the path between question and decision is shorter, more conversational, and increasingly mediated by AI.
When patients trust the answer they receive, they move on. They do not keep searching.
For medical practices and health systems, the challenge is not to chase technology. It is to ensure that when AI systems interpret and summarize healthcare options, they do so accurately and responsibly.
Because in healthcare, being the answer carries real consequences.
Healthcare organizations are rethinking how physical security supports not only safety, but operational resilience, workforce protection, and patient experience. According to healthcare-specific findings from Genetec’s 2026 State of Physical Security 
Amazon One Medical is quietly redefining how patients interact with primary care. With the recent introduction of its Health AI assistant, the company is moving beyond virtual visits and appointment booking into a new phase of AI-guided care navigation.
For years, healthcare discovery followed a predictable pattern. Patients searched Google, scanned a list of links, clicked through multiple websites, and gradually decided where to seek care. That model is no longer dominant.