I know 3 people off the top of my head that have gotten in trouble for looking up people's health information because it was physically stored on premises.

All 3 still work in the medical field to this day, one of them is a doctor...

I imagine this is a huge issue in the medical field.

Oh, definitely. Anyone in the medical field who says they've never gossiped about people's health issues is either a saint or bending the truth a bit.

But that's vastly different (though perhaps more invasive) than massive breaches like these: https://www.healthcaredive.com/news/cybersecurity-hacking-he...

On the bright side, at least you know if you are affected!

When an employee snoops, you will never know.

But if you DID find out about the employee snooping you’d have a good chance at getting more than $5 and credit monitoring.

You only know for the breaches that are a) detected and b) not shoved under the rug.