top of page

Tech Caveat: HIPPA protected documents and AI servers


Let's say you receive a large stack of medical records in a personal injury case. You're short on time, and you want a quick summary of the most important findings before you dig into more detail. AI may not be the answer, because it has HIPPA problems.


I tested Open AI GPT 4o on May 14, 2024, and asked, does it comply with the Health Insurance Portability and Accountability Act for handing protected health information (PHI). The answer: "GPT-4o does not inherently encrypt or protect data specifically according to HIPPA standards during interactions." "Conversations with AI models like GPT-4o are not private or confidential in the way required for handling PHI." "There is no built-in mechanism to log access or control data handing in a manner compliant with HIPPA."


Open AI does provide some tips to safeguard data when using PHI, including "de-identify data before processing it with AI models to reduce risk of exposure, and work with vendors and AI service providers who explicitly offer HIPPA-compliant solutions."


Bottom line for now: When using any AI service (and there are many available at the consumer and business levels) be careful. You may inadvertently be exposing HIPPA protected health information.


-Mitch Chester


Posted 5/14/24; Image by DALL.E.

Comments


bottom of page