Technology

A clinician pasted a patient summary into ChatGPT. The AI remembered it. HIPAA didn't forget either.

AI tools are arriving in healthcare faster than the regulations can keep up. But HIPAA already applies when AI touches patient data - and most breaches start with someone using the wrong tool the wrong way. EZBunny's course teaches the practical habits that keep your team out of trouble.

Start 14-day free trial

HIPAA Security Rule requirements apply to any AI tool that processes, stores, or transmits electronic PHI - even consumer tools used informally.

Course Details

Duration

15 minutes

What your team will learn

How AI is already being used in healthcare workplaces (and where the risks are)
Why HIPAA applies to AI even without a specific AI law
The most common mistake: putting PHI in AI prompts
How to distinguish HIPAA-compliant AI tools from consumer tools
The minimum necessary principle applied to AI inputs
Five practical rules for safe AI use in your daily work

Who needs this training?

Recommended for all healthcare organizations as AI adoption accelerates. S = Strongly recommended. This is an emerging area with no current federal mandate.

Practice Type	Status	Authority
Physician Practices & Medical Groups	Recommended	Emerging governance
Telehealth Providers	Recommended	AI-assisted diagnosis common in telehealth
Dental Offices	Recommended	Emerging governance
Urgent Care Centers	Recommended	Emerging governance
Home Health Agencies	Recommended	Emerging governance
Behavioral Health & SUD Treatment	Recommended	Emerging governance
Ambulatory Surgery Centers (ASCs)	Recommended	Emerging governance
Pharmacies	Recommended	Emerging governance
Community Health Centers (FQHCs)	Recommended	Emerging governance
Mental Health Private Practices	Recommended	Emerging governance
Chiropractic Offices	Recommended	Emerging governance
Physical Therapy & Rehab Clinics	Recommended	Emerging governance

Which roles must complete this training?

Anyone who uses or may use AI tools in their work:

Physicians / NPs / PAs: Clinical AI tools for diagnosis, documentation, and decision support
IT Staff: Evaluating and deploying AI tools, BAA management
Administrative Staff: AI for documentation, scheduling, and communication
Research Staff: AI for literature review and data analysis

AI safety training is an emerging best practice. Consider providing it at hire and whenever new AI tools are introduced to the organization.

Common AI Safety training questions

Does HIPAA apply to AI tools?

Yes. HIPAA applies to any tool that processes electronic PHI, regardless of whether it is labeled as an "AI" tool. If a workforce member enters patient information into any AI system, HIPAA's Privacy and Security Rules govern that use - including minimum necessary, access controls, and BAA requirements if the tool is third-party.

What's the difference between HIPAA-compliant and consumer AI tools?

HIPAA-compliant AI tools operate under a BAA with your organization, have appropriate technical safeguards, and do not retain or train on your data. Consumer tools (ChatGPT free tier, Google Bard, etc.) generally do not sign BAAs, may retain inputs for training, and are not appropriate for any use involving PHI.

What should I do before using an AI tool at work?

Check whether the tool has a BAA with your organization. If it does not, do not enter any PHI. If it does, apply the minimum necessary principle - only provide the information the tool needs for the task. When in doubt, ask your compliance officer or IT team before using a new tool.

Get your team ready for AI in healthcare - before a mistake gets expensive

15 minutes per person. Certificate on completion. Start your 14-day free trial now.