HIPAA and AI: What Your Practice Actually Needs to Know
Practical, non-vendor-sponsored guidance on AI in regulated healthcare environments. No hype, no "AI will transform healthcare" language. Just compliance reality.
Can Doctors Use ChatGPT with Patient Data? The Real Answer.
ChatGPT Plus has no BAA. ChatGPT Enterprise does. The difference matters, and most providers don't know which version their staff is actually using.
Which AI Vendors Will Sign a HIPAA BAA in 2026?
OpenAI, Anthropic, Microsoft, Google: which plans include a BAA, what they actually cover, and the gotchas that can make a signed BAA functionally useless.
Microsoft 365 Copilot and HIPAA: What's Covered, What's Not
Copilot in Teams, Outlook, and Word can be HIPAA-compliant, but only with the right M365 plan, an active BAA, and specific tenant configuration. Here's what's required.
HIPAA Risks of AI Medical Scribes: What Practices Miss Before Deployment
AI scribes dramatically reduce documentation burden. They also create PHI exposure through subprocessors most practices never audit. What to review before your first patient appointment.
ChatGPT Enterprise vs. Plus for Healthcare: The Compliance Difference
The price difference is significant. The compliance difference is existential. What changes between the $20/mo plan and the enterprise contract, and why it matters for OCR exposure.
How OCR Views AI Vendors: What We Know So Far
The Office for Civil Rights hasn't issued AI-specific HIPAA guidance yet. Here's what the existing enforcement record tells us about how AI tool use will be evaluated under current HIPAA rules.