Healthcare security teams have gotten used to a certain kind of “shadow” problem. Shadow IT was bad enough with unsanctioned apps, unmanaged storage, and random SaaS accounts holding sensitive data.