AI health tools and data exposure: A physician’s guide to risk mitigation
We all know that there are high-security and low-security jails. Of course, those are to keep the bad actors in. IT security is designed to keep the bad actors out. Much of IT security is focused on defending against the big risks where billions of dollars and important secrets are on the line. This is akin to high-security prisons.
I am addressing a different issue: people using AI to get more information about their personal health. This is an exploding use of AI and is generally lower risk than many other common uses. Hackers tend to have more interest in credit card numbers, bank accounts and intellectual property than step counts or calorie data. But any personal data can attract cybercriminals.
How do we approach lower-risk data security? Education is more important than technology or software. But first, we must define the terms and the problem. Lower risk does not mean no risk. Diagnoses coupled with Medicare data can lead to fraud. Medical identity theft costs the healthcare industry an estimated $30 billion annually. Using someone’s name to submit fraudulent claims to health insurers is the primary con. Vulnerable adults can also be solicited or targeted for out-of-pocket spending on unnecessary or outright fraudulent health services, medications and supplements. Medical information without identifying information has little value on its own and is far less useful to bad actors.
In my experience as a physician, I regularly see how vulnerable older adults can be. Mrs. Wilson is an elderly widow living in a Florida home with a summer residence in Maine. She is very cautious. She even has us hand-deliver our invoices to avoid the mail, email and faxes. That is why I was shocked by her phone call stating that someone from India called her asking for her Medicare number. I was sure she was going to say, “Of course, I didn’t give it to him.” But when she started with “I spoke to him for 15 minutes,” I knew we were headed for trouble. She went on to say that his firm was contracted to replace paper Medicare cards with plastic ones. She was hesitant to give her number, but he said that he really needed it. However, she would not give her date of birth, telling him that he had enough information already.
This is why simple guidelines about never sharing identifying information with AI are so important.
Large language model (LLM) tools such as ChatGPT, Grok, Claude and Gemini allow users to upload PDF lab results. This can be extremely helpful and often provides clearer explanations than patients receive during rushed medical visits. To protect privacy, lab results can be printed with names, addresses and dates of birth blacked out, then scanned and uploaded. While PDFs can be digitally edited, that process is confusing for many people.
The question then becomes: What information does AI need to help me, and where does risk begin? AI generally needs age, sex and sometimes general location. For example, the “winter blues,” which can be a true depression called Seasonal Affective Disorder (SAD), is strongly influenced by geography. It is far more common in northwest Pennsylvania, where I grew up, than in southeast Florida, where I live. Early warning signs can be identified by uploading wearable data. Decreasing step counts or active calories, increased sleep beyond a person’s usual baseline, combined with location and time of year, can prompt an LLM to flag possible SAD, suggest using a light box for 20 minutes a day and encourage contacting a physician.
With the exception of policy numbers, it is generally acceptable to upload the name of a health insurer and type of coverage. AI tools can help explain coverage before care is sought, though this information should always be confirmed with an insurer or a doctor’s office. AI can also review hospital and physician bills, highlight possible overcharges or duplicate charges, and help patients ask informed questions of billing departments.
There are laws that protect health information. The Affordable Care Act prevents employers and insurance companies from discriminating based on preexisting conditions. The Health Insurance Portability and Accountability Act regulates health information security. The Genetic Information Nondiscrimination Act (GINA) protects against discrimination based on genetic information, though it does not apply to long-term care or life insurance. Individuals considering those types of coverage should be especially cautious about uploading genetic data for AI analysis until coverage decisions are finalized.
In summary, there is never a reason to upload identifying information to AI, including:
- Name
- Date of birth
- Address or email address
- Health insurance policy number
- Social Security number
- Driver’s license number
- Spouse or emergency contact information
An easy mistake is uploading lab results that include this data. Outside of these commonsense rules, AI can be used to support personal health without unnecessary exposure.