top | item 45729854

(no title)

jkingsman | 4 months ago

Privacy is vital, but this isn't covered under HIPAA. As they are not a covered entity nor handling medical records, they're beholden to the same privacy laws as any other company.

HIPAA's scope is actually basically nonexistent once you get away from healthcare providers, insurance companies, and the people that handle their data/they do business with. Talking with someone (even a company) about health conditions, mental health, etc. does not make them a medical provider.

discuss

jacquesm|4 months ago

> Talking with someone (even a company) about health conditions, mental health, etc. does not make them a medical provider.

Also not when the entity behaves as though they are a mental health service professional? At what point do you put the burden on the apparently mentally ill person to know better?

irjustin|4 months ago

Google, OpenAI, Anthropic don't advertise any of their services as medical so why?

You Google your symptoms constantly. You read from WebMD or Wiki drug pages. None of these should be under HIPAA.

philipallstar|4 months ago

You're not putting the burden on them. They don't need to comply with HIPAA. But you can't just turn people into healthcare providers who aren't them and don't claim to be them.

wongarsu|4 months ago

That line of reasoning would just lead to every LLM message and every second comment on the internet starting with the sentence "this is not medical advice". It would do nothing but add another layer of noise to all communication