What AI actually is for a clinician — and the one privacy rule that comes first
TL;DR: Tools like Claude and ChatGPT are drafting engines, not databases and not clinicians — they generate fluent text by pattern, which makes them excellent at language work and unreliable as a source of facts. Both are manageable once you know it. But before you type a single word, set one rule for your practice: no patient-identifiable information goes into a general-purpose AI tool. Ever. This guide explains why, and gives you a one-page policy to adopt today.
Who this is for: any clinician or clinic owner who hasn’t used these tools yet, or has been using them without a privacy rule in place. Nothing to buy; 10 minutes.
What these tools actually are
A tool like Claude or ChatGPT is a large language model (an AI system trained on enormous amounts of text to predict what words most plausibly come next). That one design fact explains almost everything about how to use it well:
- It generates language; it doesn’t look things up. When it writes a paragraph about ferritin, it isn’t consulting a reference — it’s producing the most plausible-sounding text based on patterns in what it read. Often that text is accurate. Sometimes it’s confidently wrong (the field calls these errors “hallucinations” — invented facts, studies, or numbers delivered in a perfectly assured tone).
- Fluent is not the same as correct. The output reads like it was written by someone competent. That’s the property that makes these tools useful for drafting — and the property that makes unverified output dangerous in a clinical setting. You already know this posture: it’s the same skepticism you’d apply to a charming drug rep.
- It’s a superb mimic. Give it your writing, your structure, or your source material, and it works from that — which is where the reliable value is. The dependable pattern for clinical work: you supply the facts and the source material; it supplies the drafting labor. Never the reverse.
What that means in a clinic
Where these tools genuinely earn their keep, today, with no patient data involved:
- Drafting patient-education material you then verify and edit — the handout explaining what a tendinopathy is, at a reading level your patients actually read at.
- Rewording and restructuring — intake forms, website copy, that email you’ve rewritten four times.
- Summarizing documents you provide — a guideline PDF, your own notes for a talk.
- Repurposing — turning one piece of writing into five formats.
- Business thinking — pricing a service, planning a quarter, structuring a decision.
Where they are the wrong tool:
- As a source of facts, references, or dosages. Anything factual that will reach a patient gets verified against a real source first. No exceptions.
- As a clinical decision-maker. Diagnosis and treatment decisions are yours, made with your training and your regulated judgment. (Clinical AI tools with proper agreements are a separate, later conversation — see the safety note below.)
- As a place to put patient information. Which brings us to the rule.
The one rule: the PHI line
Nothing that could identify a patient goes into a general-purpose AI tool — no names, no initials-plus-details, no case descriptions specific enough that someone could work out who it is.
Why this is non-negotiable:
1. You’re the custodian, and the law applies — on both sides of the border. Pasting patient details into a consumer chatbot is a disclosure to a third party you have no health-information agreement with.
- Canada: patient information is governed by PIPEDA (the federal private-sector privacy law) and provincial health-privacy legislation, and Canada’s federal and provincial privacy regulators have jointly published principles for how privacy law applies to generative AI — with health care explicitly named among the “highly impactful contexts” demanding the most care.
- United States: under HIPAA, protected health information (PHI) can only be shared with a vendor that has signed a Business Associate Agreement (a BAA — the contract making the vendor legally responsible for safeguarding PHI). Consumer AI accounts don’t come with one, which by itself puts every consumer chatbot on the wrong side of the line. State privacy laws add their own layer on top.
Different statutes, same conclusion: a general-purpose AI tool is a third party, and patient information doesn’t go to third parties without the right agreement in place.
2. Consumer AI tools may keep and learn from what you type. As of this writing, the consumer tiers of major AI tools — including paid personal plans — can use your conversations to train future models depending on a privacy setting: OpenAI’s ChatGPT trains on consumer conversations unless you turn it off, and Anthropic’s Claude asks you to choose — a choice that’s easy to click through, and one that can extend how long your data is retained. The settings exist and are worth checking — a later guide walks through them — but your practice’s privacy posture should never depend on a checkbox you set once and a vendor can move.
3. “I’ll just remove the name” is weaker than it sounds. In a small community, “58-year-old retired teacher, Cordova Bay, frozen shoulder after her second vaccination” identifies a person to anyone who knows her. De-identification that actually holds is harder than deleting a name — when in doubt, don’t paste it; describe the general situation instead (“write a handout about frozen shoulder in perimenopause” carries zero patient data and gets you the same draft).
The clean pattern that makes all of this easy: AI drafts the generic asset — the template, the handout, the explainer, the email skeleton. The patient-specific part happens inside your practice-management system, done by a human. AI never needs to know your patients exist to take real work off your plate. That’s not a limitation; it’s the design.
Safety note — where the line sits for this guide. Everything recommended here is patient-data-free by design. Tools that do touch patient information — AI scribes, PMS-native AI features — exist and can be used responsibly, but they’re a procurement decision: proper agreements (PIPEDA/provincial posture in Canada; a signed BAA in the US), data-residency answers, patient consent, and your college’s or board’s expectations. On consent: the CMPA is explicit that patient consent should be obtained before any recording of a clinical encounter — explained in plain language, covering the privacy and accuracy risks, and documented in the record; in the US, roughly a dozen states additionally require all-party consent to record a conversation at all — check your state before any scribe pilot. That’s a later step on the staircase — this guide is step one, and step one never touches PHI.
Install this: the PHI Line policy
Copy this into a document, adapt the bracketed lines, and treat it as practice policy — solo practices included (the discipline matters more than the headcount). Share it with anyone who works in your systems.
# [PRACTICE NAME] — AI Use Policy: The PHI Line
Effective: [DATE] · Owner: [NAME] · Review: every 6 months
## The rule
No patient-identifiable information enters any general-purpose AI tool
(Claude, ChatGPT, Gemini, Copilot, or similar). This includes:
- names, initials, dates of birth, contact details
- photos, documents, lab results, chart excerpts
- case details specific enough to identify someone in our community
## What general-purpose AI IS approved for
- drafting patient-education materials (generic; clinician-verified before use)
- marketing, website, and social content (claims sourced; clinician-approved)
- internal documents: SOPs, templates, checklists, non-patient email
- summarizing published literature and documents we supply
- business planning and analysis (de-identified/aggregate numbers only)
## The pattern
AI drafts the generic version. Anything patient-specific is completed by
a person inside [PMS NAME], never in an AI tool.
## Tools that touch patient data (scribes, PMS AI features)
Require ALL of the following BEFORE first use:
- [ ] a signed agreement covering health information
      (Canada: PIPEDA/provincial compliance + data-residency answer;
      US: a signed BAA)
- [ ] patient consent workflow in place, with an opt-out
      (US: confirm state recording-consent law before any scribe use)
- [ ] check of our college's / licensing board's current AI guidance
- [ ] sign-off by [NAME]
## Settings hygiene (do once, re-check quarterly)
- [ ] training/data-sharing settings reviewed on every approved AI account
- [ ] one named person owns this policy and the quarterly re-check
## When unsure
Don't paste it. Ask [NAME / privacy officer], or check with your college
or licensing board — and your malpractice carrier (Canada: CMPA) —
before proceeding.
(A guided version of this — with the settings walkthrough for each tool — is in the Safe Setup Checklist.)
What’s next
Rule in place, you’re cleared for the fun part: the next guide covers which AI tool for which job — what to use for writing, for research, for design, and where each one’s PHI line sits.
Sources
- OPC — Principles for responsible, trustworthy and privacy-protective generative AI technologies (joint federal/provincial/territorial regulators’ guidance; names health care among highly impactful contexts)
- OPC — Privacy and artificial intelligence hub
- Anthropic Privacy Center — Is my data used for model training? (consumer-tier training/retention settings, current policy — rev. Mar 2026)
- OpenAI Help Center — How your data is used to improve model performance (consumer tiers train unless opted out)
- Tom’s Guide — how to opt out of Claude AI training (the 2025 consumer-terms change, plain-English)
- McCarthy Tétrault — AI scribes and privacy risks (Canadian legal analysis: consent, custodianship)
- CPSO — Using Artificial Intelligence in Clinical Practice (example of college-level advice to the profession)
- HHS — Business Associates (HIPAA) (the BAA requirement for sharing PHI with vendors)
- CMPA — AI Scribes: Answers to frequently asked questions (published Dec 2023, revised Dec 2025 — consent before recording, privacy/security review, vendor-selection questions)
- RCFP — Reporter’s Recording Guide (state-by-state recording-consent law; the all-party-consent states)