top of page

Tech Caveat: HIPPA protected documents and AI servers

Let's say you receive a large stack of medical records in a personal injury case. You're short on time, and you want a quick summary of the most important findings before you dig into more detail. AI may not be the answer, because it has HIPPA problems.

I tested Open AI GPT 4o on May 14, 2024, and asked, does it comply with the Health Insurance Portability and Accountability Act for handing protected health information (PHI). The answer: "GPT-4o does not inherently encrypt or protect data specifically according to HIPPA standards during interactions." "Conversations with AI models like GPT-4o are not private or confidential in the way required for handling PHI." "There is no built-in mechanism to log access or control data handing in a manner compliant with HIPPA."

Open AI does provide some tips to safeguard data when using PHI, including "de-identify data before processing it with AI models to reduce risk of exposure, and work with vendors and AI service providers who explicitly offer HIPPA-compliant solutions."

Bottom line for now: When using any AI service (and there are many available at the consumer and business levels) be careful. You may inadvertently be exposing HIPPA protected health information.

-Mitch Chester

Posted 5/14/24; Image by DALL.E.


bottom of page