Recently, Liu Li (pseudonym), a pregnant woman from Shandong, received an application to add her "friend" at a local hospital and maternal and child health hospital after completing prenatal check ups. The other party is well aware of various private information such as phone number, address, gestational week, etc. Liu Li's experience is not an isolated case. In recent years, from the leakage of celebrity medical records to the sale of ordinary patient medical records, medical information leakage has formed a mature black industry chain. There are many underlying reasons for the serious leakage of medical information. One is the increased risk of cybersecurity. With the widespread application of AI technology and digital technology, the medical industry is gradually achieving networked, digital, and intelligent management. Along with the improvement of efficiency, there are also more complex network security risks, and the situation of medical data being attacked and destroyed is shocking. According to a domestic cybersecurity company, the medical industry will leak 900 million pieces of data in 2023. The second issue is improper internal control of medical information. As a professional medical institution, hospitals should strictly abide by the principle of medical confidentiality to ensure that patients' personal information is not leaked. However, some hospitals have inadequate security and confidentiality measures, and some hospitals have vague definitions of privacy and fail to refine employee behavior norms, resulting in easy access and dissemination of patient medical information. The third is the misconduct of medical staff. Some medical staff have weak information security awareness and insufficient awareness of the seriousness of leaking patients' medical records and other information. When Chinese table tennis player Wang Chuqin sought medical treatment at a hospital in Changsha, a medical worker at the hospital not only requested signature photos and tennis rackets on site, but also exposed Wang Chuqin's electrocardiogram and other information out of a desire to show off afterwards, which falls into this category. More seriously, some medical personnel are driven by profit and sell patient information for profit. In a typical case reported by the Supreme People's Procuratorate, each piece of maternal information was sold for 50 yuan, and Wei, the head nurse of a hospital's obstetrics department, illegally sold more than 500 pieces of maternal information. To weave a dense medical information security protection network and block the "flood discharge outlet" of medical information, it is necessary to combine severe crackdown on individual cases with systematic governance. Punish information leakers and hold institutional managers accountable, in order to force hospitals to strengthen internal control; We need to strengthen the data security management of network service providers and also safeguard the professional bottom line of internal medical personnel, combining technical and human defense to form a joint effort to maintain medical information security. In addition, patients should also pay attention to the protection of personal medical information, handle and keep their medical documents properly. Only by working together in this way can we install security locks on each of our medical information. (New Society)