Why You Should Think Twice Before Uploading Your Medical Data to an AI Chatbot
Before you go about your day, here’s a gentle reminder: it’s crucial to consider the implications before sharing your private medical information with an AI chatbot.
Many individuals are now turning to generative AI chatbots such as OpenAI’s ChatGPT and Google’s Gemini to seek answers to their medical queries and gain a better understanding of their health. Some have even resorted to using questionable apps that employ AI algorithms to assess the health of their intimate body parts. Recently, a social media platform, X, has been encouraging users to upload their X-rays, MRIs, and PET scans to its AI chatbot Grok for result interpretation.
Medical data falls under a special category with strict federal protections, which can generally only be bypassed by your own choice. However, just because you have the option to share this sensitive data doesn’t necessarily mean you should. Security and privacy advocates have consistently warned about the risks associated with uploading personal information that can be used to train AI models, potentially exposing your privacy in the future.
Generative AI models rely on the data they receive to enhance the accuracy and information of their outputs. Yet, the transparency regarding how uploaded data is utilized and shared, as well as the purposes it serves, remains unclear. Ultimately, users must trust these companies based on their assurances.
Instances have arisen where individuals discovered their private medical records in AI training datasets, indicating that unauthorized parties, including healthcare providers, prospective employers, or government agencies, could access this information. Furthermore, most consumer apps are not covered by the U.S. healthcare privacy law HIPAA, leaving uploaded data unprotected.
Elon Musk, the owner of X, encouraged users to submit their medical images to Grok, emphasizing that while the AI model is still in its early stages, it is poised to significantly improve over time. The objective is for Grok to enhance its capability to interpret medical scans with consistent accuracy. However, the extent of data access within Grok remains ambiguous, with the privacy policy mentioning that X shares certain users’ personal information with unspecified “related” entities.
It’s crucial to bear in mind that once something is shared online, it remains accessible on the internet indefinitely.
