Clinicians who employ the artificial intelligence chatbot in their practice are sharing the data with its developer, OpenAI, so they have to be sure they do not input protected health information, according to the July 6 article by Genevieve Kanter, PhD, an associate professor of health policy at Los Angeles-based University of Southern California, and Eric Packel, a healthcare privacy and compliance attorney with law firm BakerHostetler.
“This is harder than it sounds,” they wrote. “Transcripts of encounters can be sprinkled with benign comments such as ‘Not to worry, Mr. Lincoln. It’s just a flesh wound, and we’ll fix you right up’ that are considered PHI. Casual references to a person’s residence in this context (‘How’s your new place in Springfield?’) are also PHI. Patient names, including nicknames, references to geographic information smaller than a state, and admission and discharge dates, to cite a few examples, must be scrubbed before transcripts can be fed into the chat tool.”
The two experts recommended that health systems train staffers on the risks of chatbots, including as part of their annual HIPAA training.
At the Becker's 11th Annual IT + Revenue Cycle Conference: The Future of AI & Digital Health, taking place September 14–17 in Chicago, healthcare executives and digital leaders from across the country will come together to explore how AI, interoperability, cybersecurity, and revenue cycle innovation are transforming care delivery, strengthening financial performance, and driving the next era of digital health. Apply for complimentary registration now.
