The Physician Privacy Risk: Nearly 3 in 4 Doctors Exposed

If you’re a physician practicing medicine in the United States today, there’s a roughly three-in-four chance that your home address, personal phone number, and the names of your family members are sitting on a people search site right now, available to anyone with an internet connection and, in many cases, not even a credit card.

The Invisible Threat Facing Medical Professionals

Here’s a number that should stop you cold: research from data privacy firm Incogni found that roughly 72% of medical doctors they investigated had personal information exposed on at least one people search site. We’re not talking about their office phone number or a hospital bio page. We’re talking about home addresses, personal email accounts, phone numbers, names of spouses and children, property records, and even financial assets, all compiled into dossiers that anyone can access.

And it gets worse. Nearly 40% of the doctors examined appeared on five or more of these sites simultaneously. Over a quarter showed up on ten or more. That’s more than just a data leak.

As someone who advises individuals, families and executives across Fairfield and Westchester Counties, some of whom are physicians and healthcare leaders, this data confirms what I’ve been warning about for years: people search sites may be the single most underestimated threat to personal privacy today.

What Are People Search Sites, and Why Should Physicians Care?

If you’re not familiar with people search sites, think of them as a storefront of the data broker industry. Companies like these scrape public records including voter registrations, property deeds, court filings, marriage licenses, and combine them with commercially available data to build detailed profiles on virtually every adult in the country.

For a physician, this creates a uniquely dangerous exposure. Medical professionals already face elevated risks of stalking, harassment, and targeted violence. A systematic review published in the Journal of the American Academy of Psychiatry and the Law found that between 1% and 25% of physicians reported having been stalked, with rates climbing higher for certain specialties like surgery and obstetrics. When you combine that reality with the ease of finding a doctor’s home address for a dollar or less on a people search site, you begin to understand the scale of the problem.

This isn’t hypothetical. Physical security risks against healthcare workers has been escalating steadily. The U.S. Bureau of Labor Statistics reported that healthcare and social assistance workers experienced the highest counts and rates of workplace violence among all private industry sectors during 2021–2022. And the National Nurses United union found that over 80% of nurses experienced workplace violence in a single year, with nearly half reporting the situation was getting worse.

The threat doesn’t stay at the hospital. People search sites may bring it to your front door.

Why More Established Physicians Are at Greatest Risk

One of the most striking patterns in the data is generational. The Incogni study found that exposure rates climb with age: approximately 66% of Millennial doctors were exposed compared to around 77% of Baby Boomers and over 80% of older generations.

This makes a lot of sense from a data-accumulation standpoint. Every year you live, you generate more records. You buy a home. You register to vote. You get married. You file court documents. Each of these events creates a data point that people search sites harvest and monetize. A 60-year-old department head at a major hospital has three or four decades’ worth of public records trailing behind them like a digital comet tail.

For the latter generation of physicians and healthcare executives I work with here in the tri-state area, this is a critical wake-up call. The very career milestones that mark your success, the home you purchased, the leadership role you earned, the public profile you built, are also what make you most discoverable and most vulnerable.

Geography Matters: Why New York and Connecticut Doctors Face Elevated Exposure

The state-level findings are particularly relevant for our clients. According to the study, 93% of investigated doctors in New York had their personal data exposed on people search sites, the third-highest rate in the country, behind only Nevada and New Mexico, where 100% of investigated physicians were exposed.

Connecticut wasn’t far behind at 70%.

Why do certain states fare so much worse? It largely comes down to public records laws. States with broad open records statutes make it easier for data brokers to hoover up personal information at scale. For physicians practicing in the New York metro area, this means the regulatory environment is actively working against your privacy.

Compare that with states like Alaska (43% exposure) or Illinois (46%), where either tighter regulations or smaller data footprints provide some insulation. The disparity is significant, and it underscores that where you practice medicine may have a direct impact on your digital vulnerability.

The Data Points That Pose Risk For Doctors

It’s worth being specific about what these people search sites actually expose. The most commonly found data categories included:

Personal email addresses and phone numbers — opening the door to phishing, social engineering, and direct harassment
Names of relatives and spouses — enabling threats against family members
Current residential addresses — the single most dangerous data point for anyone facing a stalking or violence risk
Property and asset records — painting a financial picture that attracts fraud, scams, and targeted theft
Legal judgments and criminal records — information that can be weaponized for reputational damage

Some sites also claimed access to education histories, employment records, social media profiles, and photographs. And remember: much of this information is available without any payment at all. The more sensitive details often sit behind paywalls, but those paywalls are very thin, trial memberships for as little as one dollar.

For a determined threat actor, a disgruntled patient, or even a sophisticated scam operation targeting affluent professionals, this is a goldmine.

Why "I Have Nothing to Hide" Is the Most Dangerous Mindset

I sometimes hear this from accomplished professionals: “Paul, I’m not a celebrity. No one’s looking for me.” It’s a dangerous assumption in personal cybersecurity.

You don’t need to be famous to be targeted. You need to be findable. And right now, if you’re a practicing physician in the United States, there’s roughly a three-in-four chance that you are extremely findable.

Data brokers don’t discriminate by your level of fame. They discriminate by the availability of your records. And the profiles they build aren’t just used by curious neighbors. They’re used by identity thieves, scam operators and stalkers.

Only about 3% of the doctors in the Incogni study had their data locked down tightly enough that researchers couldn’t even perform a basic scan. Three percent. That’s not a security standard, that’s a statistical anomaly.

What Physicians and Healthcare Leaders Can Do Right Now

This is where I shift from diagnosing the problem to prescribing the solution. After years of building tailored digital protection programs, here are components of the framework I recommend to physicians and healthcare executives I work with:

1. Conduct a Personal Data Audit

Before you can protect your information, you need to know where it lives. Run your own name through the major people search sites. You’ll likely be surprised by what you find. At Solace, we perform comprehensive personal risk assessments that map out places your personal data appears online, because you can’t remove what you can’t see.

2. Pursue Aggressive Data Broker Removal

Identifying the exposure is step one. Removal is step two, and it can be very time consuming. There are hundreds of people search sites and data brokers, each with their own opt-out process. Some comply quickly. Others make it deliberately difficult. And even after removal, your data often reappears within months as brokers re-scrape public records. This requires ongoing, systematic effort, not a one-time fix.

3. Lock Down Your Public Records

Work with your county and state agencies to understand what records are publicly accessible and explore any available mechanisms for restricting access. Some states offer address confidentiality programs for individuals who face documented threats. Property ownership can sometimes be shielded through trusts or LLCs. Every layer of separation between your name and your home address is a layer of protection.

4. Harden Your Digital Perimeter

Use unique, complex passwords for every account. Enable multi-factor authentication everywhere it’s available. Separate your professional and personal email accounts completely. Audit your social media privacy settings quarterly. And be ruthless about what you share publicly, every data point you volunteer is a data point that brokers can harvest.

5. Engage Professional Personal Cybersecurity Support

This is what we do at Solace. We bring enterprise-grade security methodology to individual protection. For physicians, this means continuous monitoring of data broker sites, automated removal campaigns, dark web surveillance for leaked credentials, and strategic consultation on physical-digital security convergence. And if you face a live cyber threat, we offer emergency response. The threat landscape facing medical professionals can be sophisticated and relentless, a DIY approach is not sufficient.

Final Thought

I want to close with a broader point. This isn’t just a physician problem, it’s an everyone problem. Data brokers collect, process, and sell personal information on hundreds of millions of Americans. Medical doctors are simply a high-visibility, high-risk example of what happens when a dangerous industry operates with minimal regulation.

The physicians who lead departments at major hospitals are not the only ones exposed. Nurses, medical assistants, administrative staff, and yes, everyday people are all swept up in the same challenge. The difference is that medical professionals face uniquely elevated risks due to the nature of their work and the emotions it can provoke in patients and the public.

Until comprehensive federal data privacy legislation catches up with the reality of how personal information is weaponized in 2026, the burden of protection falls on individuals. And for high-profile, high-risk professionals such as physicians, that protection needs to be proactive, continuous, and expert-led.

Dealing with a cyber emergency right now?

Don't wait. Every minute matters.

About the author

Paul Pioselli

Founder of Solace

Paul Pioselli is the Founder and CEO at Solace – Truly Personal Cybersecurity, a concierge cybersecurity firm based in Connecticut. Drawing on Fortune-15 executive experience and advanced technical expertise, Paul specializes in protecting individuals, executives, professionals, and families from online threats, digital fraud, and privacy breaches. His hands-on approach has helped clients recover from hacking incidents, strengthen their digital defenses, and regain peace of mind. Paul’s insights on personal cybersecurity and digital risk management have been featured in local media outlets: 06880 Cyber Defense Magazine and community outreach programs across Greenwich, Westport, Darien and beyond. Recognized for translating complex security concepts into clear, actionable steps, he continues to be a trusted local authority on hacking prevention, identity theft protection, and scam recovery. Through Solace, Paul shares practical strategies that empower individuals to take control of their digital safety.