«  View All Posts

Deepfakes in Healthcare: How to Protect Your Practice

July 8th, 2026 | 5 min. read

By Claudine Santiago

Healthcare professional using a laptop beside a digital face illustration, highlighting deepfake cybersecurity risks in healthcare.

Deepfakes in healthcare let criminals impersonate doctors, administrators, and vendors using fake voices and videos. Practice administrators face wire transfer scams, prescription fraud, and patient data theft when they can't tell real calls from AI-generated fakes.

Healthcare practices handle sensitive patient data, insurance payments, and controlled substance orders daily. Deepfake scams can copy trusted voices and pressure administrators into sending fake wire transfers, exposing protected health information (PHI), or changing vendor payment details.

For more than 20 years, Intelligent Technical Solutions (ITS) has helped healthcare organizations protect patient data and reduce fraud risk. We understand the unique pressures practice administrators face as they balance patient care operations with evolving security threats.

In this article, we've invited Cody Canon, ITS Director of Healthcare IT, to explain how deepfakes target healthcare practices and what administrators can do to protect their operations.

You will learn:

What Are Deepfakes in Healthcare, and How Do They Work?

Deepfakes use artificial intelligence (AI) to create fake audio or video that sounds and looks like a real person. In healthcare, criminals use this technology to impersonate doctors, practice managers, CFOs, and trusted vendors.

These tools have become easier to access. Attackers can copy a voice using short clips from voicemails, conference calls, or public videos. Some voice cloning tools need only around 15 seconds of someone's voice to create a convincing fake.

Common Healthcare Deepfake Attacks

Below are some of the most common ways deepfakes are used to scam healthcare organizations:

  1. Wire transfer fraud: A staff member gets a call that sounds like the practice owner or executive, demanding an urgent wire transfer and using familiar tone and phrases.
  2. Vendor payment changes: A caller pretends to be a trusted medical supplier and asks you to “confirm” or update banking details, so future payments go to a new account.
  3. Prescription fraud: Criminals mimic a doctor’s voice to request prescription transfers or place controlled-substance orders with a pharmacy, hoping staff won’t question it.
  4. Patient data theft: Someone posing as an insurer or partner clinic asks for patient records for “care coordination,” but the real goal is to steal protected health information.

"Healthcare practices are attractive targets because they process high-value payments and hold valuable patient data," says Cody. "A convincing voice can bypass the usual skepticism that stops obvious phishing emails." 


How Can Practice Administrators Spot Deepfake Attacks?

Deepfakes can look and sound real, but there are clear warning signs and easy steps you can take to check if it’s a scam.

Warning Signs to Watch For

  1. Urgent requests: Real executives seldom ask for an unexpected wire transfer right away. If you’re being rushed to act fast, that’s a red flag.
  2. Skipped processes: If a vendor asks you to update banking details over the phone instead of your usual method, treat it as suspicious.
  3. Audio quality issues: Some deepfakes have robotic pauses or odd breathing, and the background noise may not match where the person says they are.
  4. Off-hours requests: Late-night or weekend calls pushing urgent money transfers are a red flag.

Verification Steps That Stop Fraud

  1. Call back using a known number: Look up the person's number in your contact records and call them directly. Never use a number from a suspicious call.
  2. Use a different channel: If you get a voice call, verify it through email. Use the contact information you already have.
  3. Ask unexpected questions: Bring up recent conversations or internal details that an outsider wouldn't know. Deepfakes can't answer questions outside their script.
  4. Use code words: Some practices set up code words for high-risk requests, such as wire transfers or system access changes. This adds protection that deepfakes can't bypass.

"The best defense is having a strong verification process," explains Cody. "Require verbal confirmation plus written approval for any payment or data request, even if the voice sounds perfect." 

Read: The Dangers of Deepfakes and How to Protect Against It


What Security Steps Prevent Deepfake Fraud in Healthcare Practices?

To stop deepfake scams, healthcare practices need clear verification rules, trained staff, and the right security tools.

1. Set Verification Rules for High-Risk Requests

Create required verification steps for anything involving money or patient data. These rules should apply to everyone, including staff, doctors, and owners.

For wire transfers and payment changes:

  • Require two approvals for payments over a set amount.
  • Do a call-back using a saved, trusted number to verify a request.
  • Get written confirmation by email or through an approved portal before paying.
  • Never accept payment changes made only by phone.

For patient data requests (PHI):

  • Verify the requester's identity in your patient system or vendor records.
  • Confirm the request through a secure portal or a known contact.
  • Log every PHI request, including who asked, what they requested, and when.

2. Train Staff to Recognize Red Flags

Short, monthly training works better than annual sessions. Use real examples of deepfakes and social engineering scams that have hit other healthcare practices.

Make reporting simple and safe. Staff should know exactly how to flag a suspicious call, and they shouldn’t worry about “being wrong.” Encourage people to question unusual requests, even if they appear to come from leadership.

3. Reduce the Public Information Attackers Can Use

Criminals often research your practice first. They check your website, LinkedIn, and social media for names, roles, and even voice or video clips.

Reduce the public information attackers can use by:

  • Limiting how much staff detail you share on your website
  • Reviewing what employees post on LinkedIn and social media
  • Being careful about publishing voice or video content that could be copied and reused in a deepfake

 
 

4. Add Tools that Strengthen Verification

Technology can strengthen verification and reduce the risk of deepfake fraud by adding these controls:

  • Multi-factor authentication (MFA): Use MFA for billing systems, EHR/EMR access, and financial accounts.
  • Verified payment channels: Require vendor payment updates through verified email addresses or secure portals only.

5. Partner With Security Experts

Healthcare practices must prevent fraud while meeting HIPAA and state privacy rules.

A managed security service provider (MSSP) can help monitor your systems, set up secure workflows, and train your team on fraud prevention built for medical practices.

Read More: Benefits of Working with an MSP in the Healthcare Industry

Protect Your Practice from Deepfake Fraud

As deepfake technology advances, it’s becoming harder to tell real voices from fake ones. That’s why healthcare practices need strong verification steps to stop deepfake fraud.

Since 2003, ITS has helped healthcare organizations reduce fraud risk and prevent data breaches. Our team can help you set up verification processes that stop deepfake scams before it costs you money or patient trust. We'll show you which controls to implement first and train your staff to recognize suspicious requests.

Schedule a meeting with an ITS expert to review your verification processes, staff training, and technical controls. You will leave with a clear action plan to strengthen your defenses against deepfake fraud and other targeted attacks.

Want to Learn More?

Check out these resources in our Learning Center:

 

Frequently Asked Questions

Q: How can I tell if a voice call is a deepfake?

A: You often can't tell by listening alone. Verify sensitive requests with a call-back to a known number or through a separate, trusted channel before taking action.

Q: What should I do if I suspect a deepfake attack?

A: Do not complete the request; end the call, then call the person back using contact information from your internal records. Report the attempt to your IT security team or MSSP and document what happened.

Q: Do we need special technology to prevent deepfake fraud?

A: Strong verification processes often matter more than specialized tools. Use call-backs, two-person approvals, and written confirmation for high-risk actions, no matter who makes the request.

 

Claudine Santiago

Claudine has 5+ years of experience in SEO and content writing, with expertise in technical and B2B content. She expresses herself through fashion and maintains balance through an active lifestyle at the gym. With a background in Psychology, Claudine is naturally curious about people and their stories. She channels this curiosity into crafting narratives that connect brands with audiences. Her passions and profession align, fueling her drive to create with imagination, curiosity, and heart.