Should HIPAA change in the age of AI?

“Artificial Intelligence is rapidly altering the landscape of many industries, and for some, faster than the law can necessarily keep up, leaving those industries unprotected from AI-related concerns. For the healthcare industry in particular, the integration of AI presents large-scale data privacy concerns,” explains An Analysis of Deidentification as a Security Measure in the Age of AI.

More specifically, it introduces a paradox in which patient data can be exposed without any legal violation.

How AI is used in healthcare

AI tools are often used in diagnostic imaging, workflow automation, and preventative medicine. AI has also been shown to improve patient outcomes “by up to 45%,” and even modest gains, like a 2.6% increase in early breast cancer detection, can save lives.

However, while AI fits relatively neatly into existing legal doctrines like malpractice and informed consent, it creates various complications for data privacy.

How HIPAA needs to change

In 1996, the internet was becoming commercially available, and HIPAA was introduced as a way to create national standards for handling patients’ medical information.

Initially, HIPAA was not even focused on privacy. Its early provisions dealt primarily with insurance coverage. Privacy and security rules were added later, with the aim of regulating how patient data is stored, accessed, and shared.

Today, HIPAA governs “covered entities” such as healthcare providers and their business associates. It restricts the use and disclosure of protected health information (PHI), which includes identifiable patient data like names, medical records, and contact details.

However, HIPAA has its limitations. As the analysis notes, “HIPAA contains no private right of action for citizens,” so enforcement depends largely on government agencies. Limitations also arise in how HIPAA defines what counts as protected data, particularly how it treats deidentified information.

The deidentification loophole

HIPAA allows healthcare organizations to remove identifying information from patient data (known as deidentification) and then share that data freely. Once data is deidentified, it is no longer considered PHI and falls outside HIPAA’s protections.

According to the law, data is deidentified if it “does not identify an individual and… there is no reasonable basis to believe that the information can be used to identify an individual.” Herein lies the issue: in practice, deidentification is judged by a checklist, such as removing names and account numbers, rather than by the actual risk of reidentification.

As a result, data can be legally classified as “safe” even when it can still be traced back to individuals using modern techniques. Therefore, “the thing that HIPAA seeks to protect, patient data, is easily exposed because of the inadequacy within HIPAA itself,” the research analysis explains.

Why reidentification is a problem

As early as 1997, researchers showed how anonymized data could be linked back to individuals. In one famous case, a Massachusetts governor was reidentified using publicly available voter data combined with anonymized medical records.

At the time, some argued that such cases were rare, but that assumption is no longer valid, as vast amounts of personal data are now collected through online shopping, wearable devices, social media, and more. The data is often bought and sold through data brokerage markets, which were estimated to be worth $270 billion in 2024.

With so much information available, the likelihood of reidentification has skyrocketed, according to the analysis. In fact, it is now estimated that 99.98% of Americans can be reidentified using just fifteen data points.

In this context, the idea of truly anonymous data becomes questionable. As the analysis puts it, deidentified data increasingly looks like “simply ‘identified.’”
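To make the checklist-versus-risk distinction from the two sections above concrete, here is an added example (not code from the analysis or from Paubox) that strips direct identifiers the way a field-removal checklist does, then measures how many of the remaining records are still unique on ZIP, birth date, and sex, and coarsens those fields until no one is unique. The records are constructed sample data, and the two-field checklist is a simplified stand-in, not the full Safe Harbor list.

```python
# Added example on constructed records: checklist-style deidentification
# beside an outcome-based reidentification risk check (k-anonymity).
from collections import Counter

RECORDS = [  # constructed sample data, not real patients
    {"name": "A. Example", "mrn": "100001", "zip": "02138", "dob": "1960-07-31", "sex": "F", "dx": "asthma"},
    {"name": "B. Example", "mrn": "100002", "zip": "02138", "dob": "1960-02-14", "sex": "F", "dx": "diabetes"},
    {"name": "C. Example", "mrn": "100003", "zip": "02139", "dob": "1960-11-02", "sex": "F", "dx": "flu"},
    {"name": "D. Example", "mrn": "100004", "zip": "02141", "dob": "1975-05-09", "sex": "M", "dx": "asthma"},
    {"name": "E. Example", "mrn": "100005", "zip": "02144", "dob": "1975-09-23", "sex": "M", "dx": "flu"},
    {"name": "F. Example", "mrn": "100006", "zip": "02146", "dob": "1975-01-01", "sex": "M", "dx": "diabetes"},
]
DIRECT_IDENTIFIERS = {"name", "mrn"}       # what a simplified field-removal checklist strips
QUASI_IDENTIFIERS = ("zip", "dob", "sex")  # left behind, yet linkable to public records

def checklist_deidentify(records):
    """Process-based rule: drop the listed direct identifiers and stop there."""
    return [{k: v for k, v in r.items() if k not in DIRECT_IDENTIFIERS} for r in records]

def _groups(records, quasi=QUASI_IDENTIFIERS):
    return Counter(tuple(r[q] for q in quasi) for r in records)

def k_anonymity(records, quasi=QUASI_IDENTIFIERS):
    """Smallest number of records sharing one quasi-identifier combination.
    k == 1 means at least one person is unique, i.e. reidentifiable by linkage."""
    return min(_groups(records, quasi).values())

def unique_fraction(records, quasi=QUASI_IDENTIFIERS):
    """Share of records whose quasi-identifier combination appears exactly once."""
    groups = _groups(records, quasi)
    return sum(groups[tuple(r[q] for q in quasi)] == 1 for r in records) / len(records)

def generalize(records):
    """Outcome-based step: coarsen ZIP to three digits and birth date to year."""
    return [dict(r, zip=r["zip"][:3] + "**", dob=r["dob"][:4]) for r in records]

def outcome_deidentify(records, min_k=2):
    """Accept a release only when every quasi-identifier group has at least min_k members."""
    released = checklist_deidentify(records)
    if k_anonymity(released) < min_k:
        released = generalize(released)
    return released, k_anonymity(released)

if __name__ == "__main__":
    after_checklist = checklist_deidentify(RECORDS)
    print("checklist only: k =", k_anonymity(after_checklist), "unique =", unique_fraction(after_checklist))
    released, k = outcome_deidentify(RECORDS)
    print("outcome-based:  k =", k, "unique =", unique_fraction(released))
```

On this data the checklist leaves every record unique on ZIP, birth date, and sex (k = 1), while the outcome-based step reaches k = 3 with no unique records; a real release would also need to consider the sensitive column and the population behind each generalized group.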

How AI makes the problem worse

Artificial intelligence amplifies the risks of reidentification because it can detect subtle patterns and correlations that humans might miss. It can analyze behavior, preferences, and habits to infer identity, even when obvious identifiers are removed.

For example, AI can use indirect data, like shopping habits or sleep patterns, to help identify individuals. As a result, “artificial intelligence is essentially creating more categories of identifiers,” making it easier to connect anonymized data to individuals.

Many healthcare providers use large language models (LLMs) for tasks like documentation and decision support. Surveys analyzed in the abovementioned study suggest that 76% of physicians use some form of LLM in clinical settings, and nearly half use them to generate documentation.

To use these tools, healthcare workers often input patient data. While HIPAA allows this if the data is deidentified, AI systems are not inherently secure, as they can suffer from data leakage, where sensitive information appears in outputs, or from cyberattacks targeting stored data.

For example, in 2023, researchers discovered that if they asked ChatGPT to “repeat the word ‘poem’ forever,” the program initially complied, but it “eventually spat out the name and associated phone number of a real CEO.” Eventually, “after more prompting, ChatGPT revealed Bitcoin addresses, birthdays, social media handles, and content from dating websites.”

“Additionally, inadvertent disclosures occur because many people are unaware of default settings in ChatGPT; information entered into ChatGPT automatically defaults to training, unless the user opts out.”

Consequently, sensitive information could be retained and reused without the user fully realizing it. “Patient data safety is therefore left up to the individual healthcare entity, meaning patient data could be inconsistently protected, depending on the entity’s level of understanding and familiarity with LLM programs. Thus, with opt-in being the norm, many people could wind up the subject of data leakage, from inadvertent data training.”

The legal paradox

If a healthcare provider improperly exposes identifiable patient data, it may be a HIPAA violation, possibly resulting in an investigation and potential penalties. However, if the same data is first deidentified and then later reidentified (whether through AI or other means), no violation has technically occurred.

This creates what the analysis describes as a “paradoxical loophole,” where “the outcome HIPAA seeks to prevent… is occurring because of the lack of efficacy of a provision of HIPAA itself.”

Moreover, patients have little recourse: because the initial disclosure was legal, there is no basis for a claim, even though the harm is the same.

How can we solve this problem?

Banning non-compliant AI tools

Under federal law, healthcare providers must verify that any tools used to transmit or process PHI meet HIPAA’s privacy and security requirements. Email platforms that support these safeguards and offer business associate agreements (BAAs), like Paubox email, can help providers securely incorporate AI into their communications. It is an affordable solution that can easily be integrated into existing healthcare operations.

Additionally, using these platforms can help organizations enhance efficiency, reduce administrative burdens, and maintain patient trust while still benefiting from advanced technologies. As a result, innovation does not come at the expense of data privacy or regulatory compliance.

Strengthening deidentification standards

The analysis argues that HIPAA’s definition of deidentified data should be simplified to focus on outcomes rather than processes, i.e., data should only be considered deidentified if it truly cannot be reidentified.

Rethinking deidentification

Lawmakers must redefine deidentified data as information that genuinely cannot be linked back to an individual. This would align the legal definition with what is practically possible today, eliminating the loophole. It would also force healthcare organizations to use stronger data protection methods and stay up to date with technological advances.

As the analysis suggests, “the best solution… is not to get rid of AI, but to alter our methodology in light of technological developments.”

The cost of inaction

Stricter HIPAA standards could increase costs, limit data sharing, and reduce efficiency in some cases. For example, a healthcare provider may need to invest in more secure technology or hire additional staff to comply with the new standards. Additionally, patients may experience delays in receiving necessary medical information if data sharing is restricted.

Healthcare providers must, therefore, weigh the potential benefits of increased security and privacy against the possible drawbacks of decreased efficiency and accessibility. Ultimately, finding a balance between stricter HIPAA standards and efficient data sharing will help maintain patient privacy and quality healthcare delivery.

FAQs

What does HIPAA require for data protection?

HIPAA requires healthcare organizations to implement administrative, physical, and technical safeguards to protect patient information. These include policies and staff training (administrative), secure facilities and device controls (physical), and measures like encryption, access controls, and audit logs (technical).

Together, these safeguards secure protected health information (PHI), so it’s kept confidential, is not improperly altered or destroyed, and is only accessed by authorized individuals.

Can healthcare providers use email to send PHI?

Yes, healthcare providers can use email to send PHI, but the information must be secured during transmission and at rest. Regular Gmail or Outlook platforms are not sufficient on their own. Providers must use a HIPAA compliant platform, like Paubox, which offers encryption, authentication measures, and protections against unauthorized access. Providers must also assess risks and check that their email practices align with HIPAA’s Privacy and Security Rules to prevent accidental or unauthorized disclosures.

Are there any limitations when using AI in HIPAA compliant emails?

Yes, healthcare providers must ensure that AI-powered features comply with HIPAA regulations and industry best practices for data security and privacy. Additionally, providers should evaluate the reliability of AI algorithms to avoid potential risks or compliance issues.