A former Mayo Clinic AI compliance director alleges the hospital bypassed regulatory reviews, misrepresented results, and rushed AI tools—including the MAYA assistant—putting patient privacy and care at risk; after whistleblowing she was demoted and eventually terminated, and she seeks damages and a trial.
A federal class-action filed in San Francisco accuses Sutter Health and MemorialCare of using Abridge AI to record, transcribe, and transmit confidential patient-doctor conversations without clear notice or consent, potentially exposing identifiable medical information across multiple facilities in the past six months. The hospitals say they protect patient privacy and comply with laws, while Abridge promotes its AI for improving clinical outcomes.
An Army gynecologist at Fort Hood is accused of secretly recording female patients during exams, with a lawsuit alleging he exploited his position for sexual misconduct and that the Army ignored prior warnings, leading to ongoing investigations and patient notifications.
Some research institutions in Canada, the US, and Italy are using AI-generated synthetic medical data that mimics real patient information without including actual human data, allowing them to bypass traditional ethics review processes due to the data's non-human status and potential privacy benefits.
The article highlights numerous shocking stories of HIPAA violations by healthcare workers, including unauthorized access to patient information, sharing sensitive data, and mishandling medical records, emphasizing the ongoing issues with patient privacy breaches in medical settings.
Medical professionals have shared numerous shocking HIPAA violations, including unauthorized chart access, leaking patient information, and mishandling sensitive data, highlighting ongoing issues with patient privacy in healthcare settings.
Generative AI, such as large language models, shows promise in automatically extracting patients' social needs from clinical records, potentially benefiting both patients and providers. However, challenges such as bias and patient privacy concerns need to be addressed before implementing these tools in real care settings. While there is potential for improving health outcomes and connecting patients with support systems, careful consideration of unintended consequences and patient consent is crucial in the development and deployment of these AI tools.
Seattle Children's Hospital has filed a lawsuit against Texas Attorney General Ken Paxton after he attempted to obtain information about gender-affirming treatment received by Texas youths at the hospital. The hospital argues that Paxton's demands are outside his jurisdiction and constitute "sham requests." Conservative lawmakers in Texas have been pushing to restrict gender-affirming care, and Paxton has been at the forefront of these efforts. Seattle Children's Hospital contends that the requested information is protected under HIPAA and Washington state privacy laws. If Paxton's actions are upheld, it could set a precedent for other states to burden providers of gender-affirming care.
Seattle Children's Hospital has filed a lawsuit against the Texas Office of the Attorney General to block the release of patient information after receiving a subpoena demanding records of Texas residents who have received transition-related care. The hospital argues that producing the information would violate federal and state health care privacy laws and that the Texas attorney general's office does not have jurisdiction over the Washington-based hospital system. The hospital also highlights Washington's "Shield Law" and asserts that the demands are an unconstitutional attempt to investigate and restrict potential travel by Texas residents seeking healthcare in another state. The attorney general's office has not responded to questions about the subpoena and lawsuit.
Cancer patients at the Fred Hutchinson Cancer Center in Seattle are being targeted with extortion emails following a recent data breach. The breach, which occurred on November 19th, exposed the personal information of an unknown number of patients. The emails threaten to leak the patients' data unless they pay a ransom. The center has advised patients not to pay and to report the messages to law enforcement. The extent of the breach and the number of affected patients are still being investigated.
The use of large language models (LLMs) in healthcare has the potential to revolutionize the industry, but there are concerns about ceding control to big tech companies. While technology companies have the resources and processing power, healthcare systems hold vast repositories of clinical data. To ensure the accountability and transparency of medical research and care, a transparent and inclusive approach is needed. Health-care institutions, academic researchers, clinicians, patients, and technology companies should collaborate to build open-source LLMs for healthcare. By pooling their resources and expertise, these organizations can develop transparently evaluated models that meet local institutional needs and incorporate privately held data. This approach would enhance medicine rather than undermine it, ensuring patient privacy and safety.
Indiana Attorney General Todd Rokita has filed a lawsuit against IU Health and IU Healthcare Associates, the state's largest hospital system, alleging that they violated patient privacy laws by publicly sharing the story of a 10-year-old rape victim from Ohio who traveled to Indiana for an abortion. The lawsuit claims that the health care organization violated HIPAA and state law, and criticizes IU Health for creating an environment that threatens the privacy of its Indiana patients. Earlier this year, Rokita's office saw a legal victory when a medical licensing board found a doctor involved in the case to have violated privacy laws, but representatives of the medical community disagree with the decision and believe it will have a chilling effect on patient care. IU Health plans to respond directly to Rokita's office on the filing.
Indiana's attorney general has filed a lawsuit against the state's largest hospital system, accusing it of violating patient privacy laws by allowing a doctor to publicly share the story of a 10-year-old Ohio girl who traveled to Indiana for an abortion. The lawsuit comes after the doctor's account became a focal point in the abortion debate following the Supreme Court's overturning of Roe v. Wade. The hospital system denies violating privacy laws and states that it will respond directly to the attorney general's office.
Indiana's attorney general has filed a lawsuit against the state's largest hospital system, alleging that it violated patient privacy laws when a doctor publicly shared the story of a 10-year-old Ohio girl who traveled to Indiana for an abortion. The doctor's account became a focal point in the abortion debate following the Supreme Court's overturning of Roe v. Wade. The lawsuit claims that the hospital system failed to protect the patient's information and violated HIPAA and state privacy laws. The medical licensing board reprimanded the doctor, but the attorney general's office sought a license suspension. The hospital system maintains that the doctor did not violate privacy laws.
Indiana's attorney general has filed a lawsuit against the state's largest hospital system, accusing it of violating patient privacy laws by allowing a doctor to publicly share the story of an Ohio girl who traveled to Indiana for an abortion. The doctor's account became a focal point in the abortion debate following the Supreme Court's decision to overturn Roe v. Wade. The lawsuit alleges that the hospital system failed to protect the patient's information and violated federal and state privacy laws. The hospital system maintains that the doctor did not violate privacy laws and criticizes the attorney general's pursuit of the case.