Physicians are using ChatGPT for many things, mainly to consolidate notes. There has been a lot of focus on using AI to quickly find answers to clinical questions, but a lot of practical interest among physicians has also been in summarizing visits or writing correspondence that everybody has to do, but nobody wants to do. A lot of that content has protected health information in it.
When physicians meet with their patients, they want to be fully engaged instead of taking notes. They may take brief notes but then have to elaborate on them for the medical record later. It’s much easier and better than the patient-physician interaction to have the physician focus on the patient and have the encounter be recorded and transcribed. Then the transcription could go into the Chat GPT window, which reorganizes it and summarizes it.
The protected health information is no longer internal to the health system. Once you enter something into ChatGPT, it is on OpenAI servers and they are not HIPAA compliant. That’s the real issue, and that is, technically, a data breach.