Which scenario describes insider risk in healthcare data security?

Insider risk means threats that come from people inside the organization who have legitimate access to data but misuse it or access information beyond what they need for their role. In healthcare, staff such as clinicians or administrative personnel may access patient records; when an authorized user looks at records beyond their job requirements or without proper authorization, it violates the need-to-know principle and can lead to privacy breaches. External threats like phishing or ransomware come from outside attackers trying to gain access, and a breach caused by a vendor is a third-party risk, not an insider one. So, the scenario where an authorized user accesses records beyond need without authorization best illustrates insider risk. Implementing least privilege, access controls, and monitoring can help mitigate this.