Lemmy, I really would like to hear your opinions on this. I am bipolar. After almost a decade of being misdiagnosed and on medication that made my manic symptoms worse, I found stable employment with good insurance and have been able to find a good psychiatrist. I’ve been consistently medicated for the past 3 years, and this is the most stable I have been in my entire life.
The office has rolled out the use of an app called MYIO app. My knee-jerk reaction was to not be happy about the app, but I managed my emotions, took a breath and vowed to give it a chance. After being sent the link to validate my account, the app would force restart my phone at the last step of activation. (I have my phone locked down pretty tight, and lots of Google shit, and data sharing is disabled, so I’m thinking that might be the cause. My phone is also like 4-5 years old, so that could also be the cause.)
Luckily I was able to complete the steps on PC and activate that way. Once I was in the account there were standard forms to sign, like the HIPAA release. There was also a form there requesting I consent to the use of AI. Hell to the NO. That’s a no for me dawg.jpg.
I’m really emotional and not thinking rationally. I am hoping for the opinions of cooler heads.
If my doctor refuses to let me be a patient if I don’t consent to AI, what should I do? What would you do? Agree even though this is a major line in the sand for me, or consent to keep a provider I have a rapport with, who knows me well enough to know when my meds need adjusting?
EDIT: This is the text of the AI agreement. As part of their ongoing commitment to provide the best possible service, your provider has opted to use an artificial intelligence note-taking tool that assists in generating clinical documentation based on your sessions. This allows for more time and focus to be spent on our interactions instead of taking time to jot down notes or trying to remember all the important details. A temporary recording and transcript or summary of the conversation may be created and used to generate the clinical note for that session. Your provider then reviews the content of that note to ensure its accuracy and completeness. After the note has been created, the recording and transcript are automatically deleted.
This artificial intelligence tool prioritizes the privacy and confidentiality of your personal health information. Your session information is strictly used for the purpose of your ongoing medical care. Your information is subject to strict data privacy regulations and is always secured and encrypted. Stringent business associate agreements ensure data privacy and HIPAA compliance.
Edit 2: I just wanted to say that I appreciate everyone here that commented. For the most part everyone brought up valid points, and helped me see things I had not considered. I emailed my doctor and let them know I did not want to agree to the use of AI. I let them know that I was cool with transcription software being used as long as it was installed locally on their machines, but I did not want a third party online app having access to recorded sessions for the purposes of transcription. They didn’t take issue with it.
Thank you everyone!
> I let them know that I was cool with transcription software being used as long as it was installed locally on their machines, but I did not want a third party online app having access to recorded sessions for the purposes of transcription. They didn’t take issue with it.

A cynical part in me thinks they’ll just have it “locally installed” in the same way that Firefox is locally installed (doesn’t mean the meaningful part runs locally), and that no third party has access because the servers just don’t show stuff from other tenants even though the server operator could theoretically see all. It’s not like the medical people necessarily know better if their vendor answered the concerns in this manner.
One way to find out for lay people might be to turn off WiFi, or disconnect the network cable, and see if it still works — in case you’re in a position where the doc might seem willing to do such a 30-second experiment (if they haven’t already tried this in the past themselves). Doesn’t mean it doesn’t get uploaded when internet is reconnected (e.g. for backups), but that is much harder to check, and if the vendor already made sure the processing is all local then it’s probably okay and not being sold off as training or insurance data.
Kudos for reading the terms of service and raising your concerns with them! So long as some of us keep doing that, the privacy of people who don’t know about this sort of thing is also better-protected. Thank you :)
-
If your options are having a doctor that uses AI or having no doctor at all, some doctor is better than none.
-
I would ask more information about what AI they are using, where the data is processed (locally or online), where and how the AI collected data is stored (locally or in the cloud), who can access your data and whether it could be used for some AI training.
-
Hello, it is absolutely justified to be worried, tell your doctor your concerns, and ask your doctor questions about the use of AI. If you want some help putting together questions for your doctor lmk.
I’m involved with the development / integration of AI. From the specific text of the AI agreement, it looks like these are the AI tools you’re consenting to:
- Transcription tool: This is a speech-to-text tool. It can differentiate between speakers.
- Transcript -> clinical documentation tool. This takes the text of the transcript, interprets it, and generates clinical documentation based on it.
It does not seem like, as part of the agreement, it covers taking the clinical documentation and attempting to suggest diagnosis or care steps.
I am actually concerned by the “recording and transcript are automatically deleted” line. If your doctor reviews the generated clinical documentation vs the transcript, and misses something for whatever reason, if they are unsure about something in the future they can’t go back and reference the original audio / generated transcript to verify accuracy?
There are also concerns about how they are following HIPAA laws:
What model / service are they using?
Did they do their due diligence in deciding what service to use?
Have they looked at other cases where data companies have said they don’t persist/ sell your data and then they sold it / there was a breach of data that shouldn’t have persisted in the first place?
Do they anonymize personal information before they send it to whatever service they are using? -Note that this is not possible for transcription models, as they cannot know what text to anonymize/censor until the model generates the text. That doesn’t mean there are not HIPAA-compliant text transcription models, text transcription models can even be run locally on maybe consumer-grade devices, meaning the audio doesn’t have to be sent to a 3rd party.
-
AI and the people pushing it are not trustworthy. They do not have your data security nor your wellbeing at heart, even if your doctor does. LLMs are inherently bad at data security and there is no way these companies can, in good faith, promise HIPAA compliance. Likely, the AI use will be on the part of the insurance company to find ways of denying your claims.

> LLMs are inherently bad at data security and there is no way these companies can, in good faith, promise HIPAA compliance

This is simply false. AI sucks but it doesn’t help to lie about it.
EDIT:
Go run a local model on your own computer, and delete the context when you are done. Boom you just used an LLM in a way that maintains your data security.
So your example doesn’t prove a damn thing; the data security in that case had nothing to do with the llm…
> data security in that case had nothing to do with the llm

That’s kinda my point.
This is about extracting data that was used as training data. Just don’t do that with sensitive data.
You think they won’t use this the same way? That’s adorable.
“I don’t trust companies to hold their promises” is a very different argument from:
> LLMs are inherently bad at data security and there is no way these companies can, in good faith, promise HIPAA compliance

It is certainly possible to implement a secure LLM service.
AI summaries often make up details, omit what is important, and get stuff wrong. Every error may follow you forever complicating diagnosis and treatment and ultimately can harm or kill you.
One of our doctors started using AI transcription and summary. I find it lacking substance after AI is done summarizing. You can see her thought process when she types her notes, it’s thorough but concise. The AI summary is definitely short, but it’s not about shortening, it’s about handing your note to another doctor and that doctor is able to follow through with the plan.
I have all sorts of anxiety surrounding AI. Most of the anxiety comes from the misuse, copyright issues and departure from critical and creative thinking. However, one of the fields I actually think it could be very useful and of great benefit is medicine.
That being said, I’d be a no as well. The way this is worded and the track record we’ve seen with privacy doesn’t fill me with much confidence. Feels like another instance of offloading of thinking rather than a tool for better diagnosis.
It sounds like America from the process. The confluence of commercialization of healthcare and tools that can make it look like time and attention has been used leads to some bad places. I’d be very sceptical about any advice, medical or otherwise, I received.
The unfortunate truth is that without these tools the cost of care will be higher for health companies not using the tools. Which means bespoke human led care will be a luxury in America in the near future. I don’t think it’s a reality you are going to be able to avoid.
I would push back at every opportunity, double check all of the information you are getting, ask pointed “why this” questions, make doctors clearly communicate that they are the ones giving the recommendation. At the end of the day a good doctor with AI tools is likely to do a better job.
For note taking only, I’d be fine IF it was all run locally with no ability to be trained on.
I’d want assurances from the Dr that they also carefully review the notes immediately after or that I get to see the notes before leaving due to the risk of hallucinations that could cause future care problems.
They could have it visible on a screen while you’re in the room with you to help you be sure it’s accurate.
Edit: I’d care less about it being local if it wasn’t medical/legal in nature.
It depends on many things. The hard line for me would be is this running locally, on a server with the same IT management as my actual data, or on third-party servers. If the doctor either doesn’t know this, or can’t give adequate proof that it isn’t running on some third-party servers, then all the “prioritize your privacy” aren’t worth shit.
But that’s only the point where I give a hard no. The way it is used would also matter a lot. Is it used as a crutch for reference searching, or a full self driving decision making process that will write me a prescription in the end? This part is the same whether it’s for medical advice or for anything else: if the user is skilled enough to be able to evaluate/validate the output of the process faster than it would have taken them to do it manually, then there might be some value. Some usages fit into this. Some don’t. Summarizing large documents you did not read does not work as a safe thing, because you’d have to read the document to check the summary. Getting the summary of a drug/sickness/whatever that you know about but need a reminder of, could be ok.
tl;dr: it has to run in a privacy-enabled context (no third parties), it has to be used as a crutch (no skipping work), and the user has to keep his brain and mental activity alive enough to steer the system instead of being dragged by it. As things stand right now, I doubt there’s a lot of doctors that would fit all three points, but in the future, maybe.
We have a BAA and our vendor attests that they are HIPAA compliant. I don’t know what or where it runs. But BAA and they promise that it’s good for PHI.
Yeah, I stopped trusting service providers with promises the moment they came into existence. “We’re compliant with XYZ” has as much value as “We promise to not snoop, see?”. And that’s not even considering security vulnerabilities. Certifications are merely the promise that at some point, someone maybe did something right (or maybe not), and paid to be able to say so (sometimes they don’t). Not very reassuring.
Data remains on controlled systems, and if it has to get out, it’s encrypted properly, either for cold storage, or for specific recipients. Anything below that is believing random people saying random shit, and ignoring that every time there’s a data leak somewhere people go “oops, our mistake, it won’t happen again, pinky swear”.
And I know there’s already an incredible amount of sensitive, personal data on the loose. That’s no excuse to let this trend keep going.
I know this might go against the flow here, but realistically if they’re using the tools in the way they say they are (which you should 100% check with your doctor to let him know about possible hallucinations) it’s not that bad. Speech-to-text is not prone to hallucinate, it can fail and detect wrong things but shouldn’t outright hallucinate. After that, LLMs are good at summarizing things, yes they are prone to hallucinations which is why having the doctor review the notes immediately after the session is important (and they said they do), so I don’t see this as such a big issue from the usability point of view.
You might still have issues from a privacy point of view and that’s a much more complex discussion with them about what kind of contract they have with the LLM company to ensure no HIPAA violations (as from the LLM point of view it’s just making a summary of a text it might store it, and then the whole stack is suable). They need to understand that just because they haven’t kept a copy around doesn’t mean the other party hasn’t, and because they shared it out without your agreement (you’re only agreeing to AI note taking which can be done locally so them sharing information with third parties is entirely up to them) they would be liable. I’m not a lawyer, so you might want to double check that, but I would be very surprised if that’s not the way it works, otherwise Drs could get away with a bunch of HIPAA violations by having you sign something that says they use a computer to store data and then storing things in shared Google drive.
> After that, LLMs are good at summarizing things

It depends. For programming, I’ve tried using them to write commit messages and they suck at it. And for healthcare they’re not summarizing blog posts, they’re dealing with potential life or death scenarios. Doctors have expert knowledge to catch details that LLMs won’t pick up on, and LLMs won’t notice nonverbal cues either which constitutes a large portion of communication. Doctors also have a thought process to log that LLMs don’t have either. Even if the doctor reviews the notes afterward, the quality will probably be worse than before.
I feel like the doctor and the patient should have to sign off on notes even without AI.
nope
No, but.
One of my doctors has an assistant nurse (or whatever they’re called in the hierarchy) take notes just so the conversation can be more fluid. She always asks my permission for if that’s okay with me.
My other doctor types and reads out her notes with me towards the end of my visit to make sure she hasn’t missed anything, and she makes me feel heard and involved.
No, I wouldn’t consent. Sending my PHI to a third party is unnecessary, and AI data centers are a net negative on the planet. I also wouldn’t trust that the AI service provider isn’t helping themselves to your data + doctor’s feedback to use for further training anyway. Thank god healthcare providers are required to ask before shunting your info off to some third party.
But, if presented with this, I’d talk to my doctor about the extent that third-party AI services are already being used in my own healthcare. If I can fully opt out, I’d stay. If I didn’t have a real choice to opt out, and if it were easy to find a new doctor that didn’t use AI services, ~I’d fuck off so fast, like bye felicia, I ain’t dealing with this Palantir-esque bullshit just for getting a rx refill~

> Your provider then reviews the content of that note to ensure its accuracy and completeness.

You know they’re not gonna do that, in practice.
Show him the EULA for copilot (where it’s for entertaining purposes only), and tell him you’ll be going elsewhere and leaving an appropriate review.
I wonder if they hallucinate notes post-appointment. I notice that there have been complaints against certain providers that the “doctors” did other examinations that they didn’t do in-person and it appeared on their records.





