OBJECTIVES: To explore data security risks associated with trauma medical data within hospitals in China, identify and explore the potential underlying factors contributing to these risks and collect suggestions from different stakeholders. DESIGN: This is a qualitative study involving two types of hospital personnel. Data analysis was performed using thematic analysis. SETTING: The study was conducted in 21 tertiary hospitals from 12 provinces in China, distributed across the eastern, central and western regions of the country. The interviews were conducted between April and August 2022. PARTICIPANTS: A total of 27 respondents (7 department heads and 20 doctors) were interviewed through stratified purposive sampling. RESULTS: Data security risks associated with trauma medical data might arise from trauma physicians' inadequate management of trauma data, the absence of trauma data administrators and data management systems and the lack of security measures for trauma databases. Feasible suggestions included training trauma physicians, establishing a trauma data administrator and a trauma data management system and improving basic data security protection measures. CONCLUSIONS: Determining the risks of trauma medical data security and providing tailored suggestions contribute to the development of healthcare data governance in China. This research establishes a foundation for addressing the current risks related to trauma medical data security and could contribute to efforts to improve the overall capacity of trauma data management in China.