[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"kb-article-medical-ai-privacy-risks-7-ways-models-leak-data-today-en":3,"ArticleBody_TwSFUBmUlxsuEqttVGZDzEajxVKetbPzDnddNkJZBY":213},{"article":4,"relatedArticles":183,"locale":65},{"id":5,"title":6,"slug":7,"content":8,"htmlContent":9,"excerpt":10,"category":11,"tags":12,"metaDescription":10,"wordCount":13,"readingTime":14,"publishedAt":15,"sources":16,"sourceCoverage":58,"transparency":59,"seo":64,"language":65,"featuredImage":66,"featuredImageCredit":67,"isFreeGeneration":71,"trendSlug":72,"trendSnapshot":73,"niche":81,"geoTakeaways":85,"geoFaq":94,"entities":104},"6a3ef1023303d714380e09b3","Medical AI Privacy Risks: 7 Ways Models Leak Data Today","medical-ai-privacy-risks-7-ways-models-leak-data-today","[Hospitals](https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FHospital) are wiring [AI](\u002Fentities\u002F6a0e36ab07a4fdbfcf5ea737-ai) into imaging, notes, and portals, often assuming “de‑identified” data or vendor‑hosted models keep [PHI](https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FPhi) safe.[4][8] In reality, modern systems can re‑expose sensitive data through pixels, prompts, logs, and shadow tools—channels legacy HIPAA programs never treated as systems of record.[1][2] Risk now sits inside routine workflows, not just research sandboxes.\n\n---\n\n## How Medical AI Models Expose Patient Data\n\n[Radiology](https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FRadiology) has shown that stripping [DICOM headers](https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FDICOM) is not enough. Pixel‑level intensity patterns can encode identity and disease signatures that deep models can recover, turning the image itself into a quasi‑identifier.[1][5] This breaks the assumption that “metadata off = privacy on.”[1]\n\n- **Risk**: Image archives used for AI training may be re‑identifiable even when they meet legacy de‑identification checklists.[1][5]\n\n[Generative models](https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FGenerative_model) trained on EHR text, pathology reports, or chats can memorize rare cases and later regurgitate PHI when prompted.[2] Viewpoint work on clinical LLMs highlights threats during:\n\n- Data collection and labeling  \n- Model training and evaluation  \n- Deployment, where prompts, logs, and outputs all carry regulated data[2][4][8]\n\nExample: An oncology practice used an “AI scribe” whose vendor stored full transcripts—including names and social history—in centralized logs for model improvement, not disclosed during the pilot.[4][12]\n\nPrivacy‑preserving patterns help but are not guarantees:\n\n- Federated learning avoids raw‑data centralization, yet remains vulnerable to inversion and membership‑inference attacks without defenses like differential privacy.[1]  \n- A breast‑cancer study combining federated learning with differential privacy reached 96.1% accuracy at ε = 1.9, close to non‑federated performance while reducing leakage risk.[3]\n\n[Shadow AI](https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FShadow_library) is now a frontline problem: clinicians and patients paste PHI into unapproved chatbots for drafting, rewriting, or “translation,” bypassing BAAs and monitoring.[6][11] Breaches involving shadow AI cost about US$670,000 more than others, and security teams detect under 20% of these tools.[11][12]\n\n- **Takeaway**: Any place clinicians or patients type PHI into an AI tool—approved or not—is a potential leakage channel.[2][11]\n\n---\n\n## Mitigations: Building Privacy‑First Medical AI\n\nA defensible program starts with clear mapping of:\n\n- Which datasets feed which models  \n- Under which HIPAA permissions or consents  \n- With which vendors and subprocessors[4][8]\n\nResearch on AI and health‑data privacy emphasizes:\n\n- Transparency about model use and data flows  \n- Ongoing staff education  \n- Clear, patient‑facing explanations of safeguards[4][9][10]\n\nTechnically, hospitals should favor:\n\n- Tenant‑isolated or on‑prem LLMs with “no training on your data”  \n- Strong de‑identification and minimum‑necessary prompts  \n- Radiology\u002FCDS using codes, aggregates, or embeddings when feasible  \n- Federated learning with tuned differential privacy, secure aggregation, and active attack monitoring—not assumed safety by default[1][3][8][12]\n\n- **Design pattern**: Isolate PHI, constrain context, and treat prompts and logs as PHI‑bearing systems that need HIPAA‑grade controls.[8][12]\n\nData‑provenance and secondary‑use governance now matter as much as encryption:\n\n- Opaque training‑data lineage can hide sensitive health data and create regulatory and ethical exposure.[7]  \n- FAIR‑style frameworks stress fairness, accountability, and explicit reuse boundaries across the model lifecycle.[9][10]\n\nGovernance must match real workflows:\n\n- Radiology ethics reviews warn that re‑identification is outpacing legacy anonymization.[1][5]  \n- Work on open notes and surveillance capitalism shows patients often widen PHI exposure by pasting record excerpts into consumer chatbots.[6]  \n- Effective programs pair clinician guardrails with patient education on safer AI use alongside portal access.[4][6]\n\n---\n\nMedical AI can transform diagnostics and workflows, but models, prompts, and shadow tools are now high‑value PHI attack surfaces.[2][4] Health systems should map where PHI touches AI—training pipelines, prompts, logs, and vendors—then favor federated or isolated deployments, strengthen provenance documentation, and update staff and patient guidance on safe AI use before the next model goes live.[3][7][11]","\u003Cp>\u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FHospital\" class=\"wiki-link\" target=\"_blank\" rel=\"noopener\">Hospitals\u003C\u002Fa> are wiring \u003Ca href=\"\u002Fentities\u002F6a0e36ab07a4fdbfcf5ea737-ai\">AI\u003C\u002Fa> into imaging, notes, and portals, often assuming “de‑identified” data or vendor‑hosted models keep \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FPhi\" class=\"wiki-link\" target=\"_blank\" rel=\"noopener\">PHI\u003C\u002Fa> safe.\u003Ca href=\"#source-4\" class=\"citation-link\" title=\"View source [4]\">[4]\u003C\u002Fa>\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa> In reality, modern systems can re‑expose sensitive data through pixels, prompts, logs, and shadow tools—channels legacy HIPAA programs never treated as systems of record.\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-2\" class=\"citation-link\" title=\"View source [2]\">[2]\u003C\u002Fa> Risk now sits inside routine workflows, not just research sandboxes.\u003C\u002Fp>\n\u003Chr>\n\u003Ch2>How Medical AI Models Expose Patient Data\u003C\u002Fh2>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FRadiology\" class=\"wiki-link\" target=\"_blank\" rel=\"noopener\">Radiology\u003C\u002Fa> has shown that stripping \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FDICOM\" class=\"wiki-link\" target=\"_blank\" rel=\"noopener\">DICOM headers\u003C\u002Fa> is not enough. Pixel‑level intensity patterns can encode identity and disease signatures that deep models can recover, turning the image itself into a quasi‑identifier.\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-5\" class=\"citation-link\" title=\"View source [5]\">[5]\u003C\u002Fa> This breaks the assumption that “metadata off = privacy on.”\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Risk\u003C\u002Fstrong>: Image archives used for AI training may be re‑identifiable even when they meet legacy de‑identification checklists.\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-5\" class=\"citation-link\" title=\"View source [5]\">[5]\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FGenerative_model\" class=\"wiki-link\" target=\"_blank\" rel=\"noopener\">Generative models\u003C\u002Fa> trained on EHR text, pathology reports, or chats can memorize rare cases and later regurgitate PHI when prompted.\u003Ca href=\"#source-2\" class=\"citation-link\" title=\"View source [2]\">[2]\u003C\u002Fa> Viewpoint work on clinical LLMs highlights threats during:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Data collection and labeling\u003C\u002Fli>\n\u003Cli>Model training and evaluation\u003C\u002Fli>\n\u003Cli>Deployment, where prompts, logs, and outputs all carry regulated data\u003Ca href=\"#source-2\" class=\"citation-link\" title=\"View source [2]\">[2]\u003C\u002Fa>\u003Ca href=\"#source-4\" class=\"citation-link\" title=\"View source [4]\">[4]\u003C\u002Fa>\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Example: An oncology practice used an “AI scribe” whose vendor stored full transcripts—including names and social history—in centralized logs for model improvement, not disclosed during the pilot.\u003Ca href=\"#source-4\" class=\"citation-link\" title=\"View source [4]\">[4]\u003C\u002Fa>\u003Ca href=\"#source-12\" class=\"citation-link\" title=\"View source [12]\">[12]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Privacy‑preserving patterns help but are not guarantees:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Federated learning avoids raw‑data centralization, yet remains vulnerable to inversion and membership‑inference attacks without defenses like differential privacy.\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>A breast‑cancer study combining federated learning with differential privacy reached 96.1% accuracy at ε = 1.9, close to non‑federated performance while reducing leakage risk.\u003Ca href=\"#source-3\" class=\"citation-link\" title=\"View source [3]\">[3]\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FShadow_library\" class=\"wiki-link\" target=\"_blank\" rel=\"noopener\">Shadow AI\u003C\u002Fa> is now a frontline problem: clinicians and patients paste PHI into unapproved chatbots for drafting, rewriting, or “translation,” bypassing BAAs and monitoring.\u003Ca href=\"#source-6\" class=\"citation-link\" title=\"View source [6]\">[6]\u003C\u002Fa>\u003Ca href=\"#source-11\" class=\"citation-link\" title=\"View source [11]\">[11]\u003C\u002Fa> Breaches involving shadow AI cost about US$670,000 more than others, and security teams detect under 20% of these tools.\u003Ca href=\"#source-11\" class=\"citation-link\" title=\"View source [11]\">[11]\u003C\u002Fa>\u003Ca href=\"#source-12\" class=\"citation-link\" title=\"View source [12]\">[12]\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Takeaway\u003C\u002Fstrong>: Any place clinicians or patients type PHI into an AI tool—approved or not—is a potential leakage channel.\u003Ca href=\"#source-2\" class=\"citation-link\" title=\"View source [2]\">[2]\u003C\u002Fa>\u003Ca href=\"#source-11\" class=\"citation-link\" title=\"View source [11]\">[11]\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Chr>\n\u003Ch2>Mitigations: Building Privacy‑First Medical AI\u003C\u002Fh2>\n\u003Cp>A defensible program starts with clear mapping of:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Which datasets feed which models\u003C\u002Fli>\n\u003Cli>Under which HIPAA permissions or consents\u003C\u002Fli>\n\u003Cli>With which vendors and subprocessors\u003Ca href=\"#source-4\" class=\"citation-link\" title=\"View source [4]\">[4]\u003C\u002Fa>\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Research on AI and health‑data privacy emphasizes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Transparency about model use and data flows\u003C\u002Fli>\n\u003Cli>Ongoing staff education\u003C\u002Fli>\n\u003Cli>Clear, patient‑facing explanations of safeguards\u003Ca href=\"#source-4\" class=\"citation-link\" title=\"View source [4]\">[4]\u003C\u002Fa>\u003Ca href=\"#source-9\" class=\"citation-link\" title=\"View source [9]\">[9]\u003C\u002Fa>\u003Ca href=\"#source-10\" class=\"citation-link\" title=\"View source [10]\">[10]\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Technically, hospitals should favor:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Tenant‑isolated or on‑prem LLMs with “no training on your data”\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Strong de‑identification and minimum‑necessary prompts\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Radiology\u002FCDS using codes, aggregates, or embeddings when feasible\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Federated learning with tuned differential privacy, secure aggregation, and active attack monitoring—not assumed safety by default\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-3\" class=\"citation-link\" title=\"View source [3]\">[3]\u003C\u002Fa>\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003Ca href=\"#source-12\" class=\"citation-link\" title=\"View source [12]\">[12]\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Design pattern\u003C\u002Fstrong>: Isolate PHI, constrain context, and treat prompts and logs as PHI‑bearing systems that need HIPAA‑grade controls.\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003Ca href=\"#source-12\" class=\"citation-link\" title=\"View source [12]\">[12]\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Data‑provenance and secondary‑use governance now matter as much as encryption:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Opaque training‑data lineage can hide sensitive health data and create regulatory and ethical exposure.\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>FAIR‑style frameworks stress fairness, accountability, and explicit reuse boundaries across the model lifecycle.\u003Ca href=\"#source-9\" class=\"citation-link\" title=\"View source [9]\">[9]\u003C\u002Fa>\u003Ca href=\"#source-10\" class=\"citation-link\" title=\"View source [10]\">[10]\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Governance must match real workflows:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Radiology ethics reviews warn that re‑identification is outpacing legacy anonymization.\u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-5\" class=\"citation-link\" title=\"View source [5]\">[5]\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Work on open notes and surveillance capitalism shows patients often widen PHI exposure by pasting record excerpts into consumer chatbots.\u003Ca href=\"#source-6\" class=\"citation-link\" title=\"View source [6]\">[6]\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Effective programs pair clinician guardrails with patient education on safer AI use alongside portal access.\u003Ca href=\"#source-4\" class=\"citation-link\" title=\"View source [4]\">[4]\u003C\u002Fa>\u003Ca href=\"#source-6\" class=\"citation-link\" title=\"View source [6]\">[6]\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Chr>\n\u003Cp>Medical AI can transform diagnostics and workflows, but models, prompts, and shadow tools are now high‑value PHI attack surfaces.\u003Ca href=\"#source-2\" class=\"citation-link\" title=\"View source [2]\">[2]\u003C\u002Fa>\u003Ca href=\"#source-4\" class=\"citation-link\" title=\"View source [4]\">[4]\u003C\u002Fa> Health systems should map where PHI touches AI—training pipelines, prompts, logs, and vendors—then favor federated or isolated deployments, strengthen provenance documentation, and update staff and patient guidance on safe AI use before the next model goes live.\u003Ca href=\"#source-3\" class=\"citation-link\" title=\"View source [3]\">[3]\u003C\u002Fa>\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003Ca href=\"#source-11\" class=\"citation-link\" title=\"View source [11]\">[11]\u003C\u002Fa>\u003C\u002Fp>\n","Hospitals are wiring AI into imaging, notes, and portals, often assuming “de‑identified” data or vendor‑hosted models keep PHI safe.[4][8] In reality, modern systems can re‑expose sensitive data throu...","trend-radar",[],584,3,"2026-06-26T21:39:43.180Z",[17,22,26,30,34,38,42,46,50,54],{"title":18,"url":19,"summary":20,"type":21},"Rethinking Privacy in Medical Imaging AI: From Metadata and Pixel-level Identification Risks to Federated Learning and Synthetic Data Challenges — K Giouroukou, K Marias, M Tsiknakis… - … : Artificial Intelligence, 2025 - pubs.rsna.org","https:\u002F\u002Fpubs.rsna.org\u002Fdoi\u002Fabs\u002F10.1148\u002Fryai.250273","Abstract\n\nMetadata, which refers to nonimage information such as patient identifiers, acquisition parameters, and institutional details, have long been the primary focus of de-identification efforts w...","kb",{"title":23,"url":24,"summary":25,"type":21},"Generative AI in medical practice: in-depth exploration of privacy and security challenges — Y Chen, P Esmaeilzadeh - Journal of medical Internet research, 2024 - jmir.org","https:\u002F\u002Fwww.jmir.org\u002F2024\u002F1\u002Fe53008\u002F","Generative AI in Medical Practice: In-Depth Exploration of Privacy and Security Challenges\n\nAuthors of this article:\n\nYan Chen1; Pouyan Esmaeilzadeh1\n\nArticle; Authors; Cited by (279); Tweetations (9)...",{"title":27,"url":28,"summary":29,"type":21},"Federated learning with differential privacy for breast cancer diagnosis enabling secure data sharing and model integrity — S Shukla, S Rajkumar, A Sinha, M Esha, K Elango… - Scientific Reports, 2025 - nature.com","https:\u002F\u002Fwww.nature.com\u002Farticles\u002Fs41598-025-95858-2","Abstract\nIn the digital age, privacy preservation is of paramount importance while processing health-related sensitive information. This paper explores the integration of Federated Learning (FL) and D...",{"title":31,"url":32,"summary":33,"type":21},"Implications of artificial intelligence on health data privacy and confidentiality — A Momani - arXiv preprint arXiv:2501.01639, 2025 - arxiv.org","https:\u002F\u002Farxiv.org\u002Fabs\u002F2501.01639","Ahmad Momani\n\nSubmitted on 3 Jan 2025 (v1), last revised 6 Jan 2025 (this version, v2)\n\nAbstract:\nThe rapid integration of artificial intelligence (AI) in healthcare is revolutionizing medical diagnos...",{"title":35,"url":36,"summary":37,"type":21},"A Review on Navigating Ethical Challenges in Modern Radiology: Balancing Artificial Intelligence Integration and Patient Privacy. — S BhARAdwAj, S VAIdyA… - Journal of Clinical & …, 2025 - openurl.ebsco.com","https:\u002F\u002Fopenurl.ebsco.com\u002Fcontentitem\u002Fgcd:186969285?sid=ebsco:plink:crawler-gcd&id=ebsco:gcd:186969285&crl=c&jrnl=0973709X","By: BHARADWAJ, SARASWATHULA; VAIDYA, SHIRISH; PARIHAR, PRATAP SINGH\nPublished in: Journal of Clinical & Diagnostic Research, 2025\n\nAbstract\nArtificial Intelligence (AI) in modern radiology has increas...",{"title":39,"url":40,"summary":41,"type":21},"Open AI meets open notes: surveillance capitalism, patient privacy and online record access — C Blease - Journal of Medical Ethics, 2024 - jme.bmj.com","https:\u002F\u002Fjme.bmj.com\u002Fcontent\u002F50\u002F2\u002F84.short","---TITLE---\nOpen AI meets open notes: surveillance capitalism, patient privacy and online record access\n---CONTENT---\nOpen AI meets open notes: surveillance capitalism, patient privacy and online reco...",{"title":43,"url":44,"summary":45,"type":21},"Bringing transparency to the data used to train artificial intelligence","https:\u002F\u002Fmitsloan.mit.edu\u002Fideas-made-to-matter\u002Fbringing-transparency-to-data-used-to-train-artificial-intelligence","Popular large language models like GPT-4 are trained using large amounts of data, including publicly available datasets. But these AI training datasets are often inconsistently documented and poorly u...",{"title":47,"url":48,"summary":49,"type":21},"AI in Healthcare: A Practical Checklist for Compliance and Risk Management","https:\u002F\u002Fwww.morganlewis.com\u002Fpubs\u002F2026\u002F05\u002Fai-in-healthcare-a-practical-checklist-for-compliance-and-risk-management","AI-enabled tools are moving rapidly into healthcare delivery, quality improvement, operations, revenue cycle management, and patient engagement. As the technology becomes more deeply embedded, the leg...",{"title":51,"url":52,"summary":53,"type":21},"HIPAA and AI: Navigating Compliance in the Age of Artificial Intelligence","https:\u002F\u002Fwww.hipaavault.com\u002Fresources\u002Fhipaa-and-ai-navigating-compliance-in-the-age-of-artificial-intelligence\u002F","The rise of artificial intelligence (AI) in healthcare has been nothing short of revolutionary. From AI-driven diagnostic tools to predictive analytics for patient care, these innovations promise to i...",{"title":55,"url":56,"summary":57,"type":21},"Secondary use of health data: applications, models, algorithms, and ethical considerations — M Soliman, O Abdelziz, A Radwan, MS Shehata… - AI and Ethics, 2026 - Springer","https:\u002F\u002Flink.springer.com\u002Farticle\u002F10.1007\u002Fs43681-026-01017-2","Abstract\n\nThe secondary use of medical data, amplified by the power of artificial intelligence and deep learning, holds immense promise for transforming healthcare discovery and delivery. However, nav...",null,{"generationDuration":60,"kbQueriesCount":61,"confidenceScore":62,"sourcesCount":63},86915,12,100,10,{"metaTitle":6,"metaDescription":10},"en","https:\u002F\u002Fimages.unsplash.com\u002Fphoto-1576091160550-2173dba999ef?ixid=M3w4OTczNDl8MHwxfHNlYXJjaHwxfHxtZWRpY2FsJTIwcHJpdmFjeSUyMHJpc2tzJTIwd2F5c3xlbnwxfDB8fHwxNzgyNTA5OTg0fDA&ixlib=rb-4.1.0&w=1200&h=630&fit=crop&crop=entropy&auto=format,compress&q=60",{"photographerName":68,"photographerUrl":69,"unsplashUrl":70},"National Cancer Institute","https:\u002F\u002Funsplash.com\u002F@nci?utm_source=coreprose&utm_medium=referral","https:\u002F\u002Funsplash.com\u002Fphotos\u002Fperson-sitting-while-using-laptop-computer-and-green-stethoscope-near-NFvdKIhxYlU?utm_source=coreprose&utm_medium=referral",true,"privacy-risks-from-medical-ai-models-exposing-patient-data",{"score":74,"type":75,"sourceCount":63,"topSourceDomains":76,"detectedAt":80,"mentionsLast7Days":63},76,"spiking",[77,78,79],"insideprecisionmedicine.com","nature.com","theregister.com","2026-06-26T01:27:16.345Z",{"key":82,"name":83,"nameEn":84},"ia","Intelligence Artificielle","Artificial Intelligence",[86,88,90,92],{"text":87},"Radiology images can be re‑identified from pixel intensities alone; removing DICOM headers is insufficient and legacy de‑identification checklists no longer guarantee privacy.",{"text":89},"Generative clinical models can memorize and regurgitate PHI from training data; a federated+DP breast‑cancer model reached 96.1% accuracy at ε = 1.9, showing defenses can approach baseline performance but do not eliminate leakage risk.",{"text":91},"Shadow AI and unapproved chatbots are major attack surfaces: security teams detect under 20% of these tools and breaches involving shadow AI cost about US$670,000 more than other breaches.",{"text":93},"Treat prompts, logs, and vendor training pipelines as HIPAA systems of record: map datasets to models, enforce tenant isolation or on‑prem LLMs, and apply minimum‑necessary, provenance, and consent controls.",[95,98,101],{"question":96,"answer":97},"How do medical images and radiology data leak patient information?","Medical images leak PHI because pixel‑level patterns and learned feature embeddings can encode identity and disease signatures that deep models can recover, so the image itself becomes a quasi‑identifier. Simply stripping DICOM headers or metadata does not remove these signals; studies and radiology reviews show re‑identification risks persist in image archives used for AI training. Practical attacks include model inversion and membership inference, and legacy anonymization checklists do not address these vector types, so image datasets must be treated as potential sources of direct identifiers throughout the model lifecycle.",{"question":99,"answer":100},"What is \"shadow AI\" and why is it especially dangerous for healthcare?","Shadow AI refers to clinicians and patients using unapproved consumer or vendor tools (chatbots, scribes, translation services) that bypass BAAs and monitoring. These tools often log full transcripts and store data centrally for vendor model improvement, creating unmonitored PHI repositories; security teams detect fewer than 20% of these tools and incidents with shadow AI cost roughly US$670,000 more than other breaches.",{"question":102,"answer":103},"What are the highest‑impact mitigations hospitals must implement now?","Hospitals must map data flows from sources to models, treat prompts and logs as PHI, prefer tenant‑isolated or on‑prem LLM deployments with contractual \"no training on your data,\" and deploy federated learning only with tuned differential privacy, secure aggregation, and active attack monitoring. Governance actions include clear vendor subprocessors, provenance documentation, staff training, patient education on safe AI use, and minimum‑necessary prompt engineering to minimize exposure.",[105,112,119,125,130,136,141,146,151,155,160,165,169,173,179],{"id":106,"name":107,"type":108,"confidence":109,"wikipediaUrl":110,"slug":111,"mentionCount":14},"6a0e36ab07a4fdbfcf5ea737","AI","concept",0.98,"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FAi","6a0e36ab07a4fdbfcf5ea737-ai",{"id":113,"name":114,"type":108,"confidence":115,"wikipediaUrl":116,"slug":117,"mentionCount":118},"69d05cf74eea09eba3dfcc0f","Shadow AI",0.96,"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FShadow_library","69d05cf74eea09eba3dfcc0f-shadow-ai",2,{"id":120,"name":121,"type":108,"confidence":115,"wikipediaUrl":122,"slug":123,"mentionCount":124},"6a3ef1cec460e8b42cde80db","Generative models","https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FGenerative_model","6a3ef1cec460e8b42cde80db-generative-models",1,{"id":126,"name":127,"type":108,"confidence":128,"wikipediaUrl":58,"slug":129,"mentionCount":124},"6a3ef1cdc460e8b42cde80d7","HIPAA",0.99,"6a3ef1cdc460e8b42cde80d7-hipaa",{"id":131,"name":132,"type":108,"confidence":133,"wikipediaUrl":134,"slug":135,"mentionCount":124},"6a3ef1cec460e8b42cde80dd","Pathology reports",0.94,"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FPathology","6a3ef1cec460e8b42cde80dd-pathology-reports",{"id":137,"name":138,"type":108,"confidence":139,"wikipediaUrl":58,"slug":140,"mentionCount":124},"6a3ef1cec460e8b42cde80da","Pixel-level intensity patterns",0.92,"6a3ef1cec460e8b42cde80da-pixel-level-intensity-patterns",{"id":142,"name":143,"type":108,"confidence":128,"wikipediaUrl":144,"slug":145,"mentionCount":124},"6a3ef1cdc460e8b42cde80d6","PHI","https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FPhi","6a3ef1cdc460e8b42cde80d6-phi",{"id":147,"name":148,"type":108,"confidence":149,"wikipediaUrl":58,"slug":150,"mentionCount":124},"6a3ef1cec460e8b42cde80dc","EHR text",0.95,"6a3ef1cec460e8b42cde80dc-ehr-text",{"id":152,"name":153,"type":108,"confidence":149,"wikipediaUrl":58,"slug":154,"mentionCount":124},"6a3ef1cec460e8b42cde80de","Clinical LLMs","6a3ef1cec460e8b42cde80de-clinical-llms",{"id":156,"name":157,"type":108,"confidence":133,"wikipediaUrl":158,"slug":159,"mentionCount":124},"6a3ef1cec460e8b42cde80d8","DICOM headers","https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FDICOM","6a3ef1cec460e8b42cde80d8-dicom-headers",{"id":161,"name":162,"type":108,"confidence":163,"wikipediaUrl":58,"slug":164,"mentionCount":124},"6a3ef1cfc460e8b42cde80e5","FAIR-style frameworks",0.91,"6a3ef1cfc460e8b42cde80e5-fair-style-frameworks",{"id":166,"name":167,"type":108,"confidence":139,"wikipediaUrl":58,"slug":168,"mentionCount":124},"6a3ef1cfc460e8b42cde80e3","BAA","6a3ef1cfc460e8b42cde80e3-baa",{"id":170,"name":171,"type":108,"confidence":109,"wikipediaUrl":58,"slug":172,"mentionCount":124},"6a3ef1cfc460e8b42cde80e0","Federated learning","6a3ef1cfc460e8b42cde80e0-federated-learning",{"id":174,"name":175,"type":108,"confidence":176,"wikipediaUrl":177,"slug":178,"mentionCount":124},"6a3ef1cec460e8b42cde80d9","Radiology",0.97,"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FRadiology","6a3ef1cec460e8b42cde80d9-radiology",{"id":180,"name":181,"type":108,"confidence":109,"wikipediaUrl":58,"slug":182,"mentionCount":124},"6a3ef1cfc460e8b42cde80e1","Differential privacy","6a3ef1cfc460e8b42cde80e1-differential-privacy",[184,192,199,206],{"id":185,"title":186,"slug":187,"excerpt":188,"category":189,"featuredImage":190,"publishedAt":191},"6a3e7c033303d714380e05de","Anthropic vs. Alibaba: How Alleged AI Model Theft Collides with National Security and Data Governance","anthropic-vs-alibaba-how-alleged-ai-model-theft-collides-with-national-security-and-data-governance","1. Why Anthropic vs. Alibaba Matters for Every AI User  \n\nWhen a frontier lab and a global cloud provider clash over alleged model theft, the stakes extend beyond IP law into export control, intellige...","hallucinations","https:\u002F\u002Fimages.unsplash.com\u002Fphoto-1675557010061-315772f6efef?ixid=M3w4OTczNDl8MHwxfHNlYXJjaHw0Nnx8YXJ0aWZpY2lhbCUyMGludGVsbGlnZW5jZSUyMHRlY2hub2xvZ3l8ZW58MXwwfHx8MTc4MjQ4MDI1MHww&ixlib=rb-4.1.0&w=1200&h=630&fit=crop&crop=entropy&auto=format,compress&q=60","2026-06-26T13:24:08.858Z",{"id":193,"title":194,"slug":195,"excerpt":196,"category":11,"featuredImage":197,"publishedAt":198},"6a3e40035f4f7d0c4e1fa85a","Political Bias of ChatGPT and Other AI Chatbots: Evidence, Causes, and What Comes Next","political-bias-of-chatgpt-and-other-ai-chatbots-evidence-causes-and-what-comes-next","1. Why political bias in AI chatbots matters now\n\nModern chatbots like ChatGPT and Gemini help draft marketing copy, summarize policy memos, and write speeches, so any political tilt can quietly shape...","https:\u002F\u002Fimages.unsplash.com\u002Fphoto-1668706971199-37e30a4e6298?ixid=M3w4OTczNDl8MHwxfHNlYXJjaHwxfHxwb2xpdGljYWwlMjBiaWFzJTIwY2hhdGdwdCUyMG90aGVyfGVufDF8MHx8fDE3ODI0NjQ1MTR8MA&ixlib=rb-4.1.0&w=1200&h=630&fit=crop&crop=entropy&auto=format,compress&q=60","2026-06-26T09:11:46.633Z",{"id":200,"title":201,"slug":202,"excerpt":203,"category":11,"featuredImage":204,"publishedAt":205},"6a3c1ffec84db6fcbb768a56","Yahoo’s AI Agent Network: How an Open Platform Could Reshape Digital Advertising","yahoo-s-ai-agent-network-how-an-open-platform-could-reshape-digital-advertising","Marketing teams juggle separate tools for planning, audiences, verification, and reporting. Agentic AI promises to act more like a coordinated operating system for media. [5][8]  \n\nYahoo’s new AI Agen...","https:\u002F\u002Fimages.unsplash.com\u002Fphoto-1730817403171-895dab7002e1?ixid=M3w4OTczNDl8MHwxfHNlYXJjaHwxfHx5YWhvbyUyMGxhdW5jaGVzJTIwbmV0d29yayUyMHBsYXRmb3JtfGVufDF8MHx8fDE3ODIzMjUyNDZ8MA&ixlib=rb-4.1.0&w=1200&h=630&fit=crop&crop=entropy&auto=format,compress&q=60","2026-06-24T18:29:15.459Z",{"id":207,"title":208,"slug":209,"excerpt":210,"category":11,"featuredImage":211,"publishedAt":212},"6a3891cf82f59cfd1abe98ef","How Alibaba’s Robot AI Models Push Autonomous Agents Beyond Chatbots","how-alibaba-s-robot-ai-models-push-autonomous-agents-beyond-chatbots","Alibaba’s new robot-focused AI models mark a shift from chat-style interfaces to agents that perceive environments, plan, and execute tasks in warehouses, logistics hubs, and factories.[1] For enterpr...","https:\u002F\u002Fimages.unsplash.com\u002Fphoto-1697577418970-95d99b5a55cf?ixid=M3w4OTczNDl8MHwxfHNlYXJjaHwxfHxhcnRpZmljaWFsJTIwaW50ZWxsaWdlbmNlJTIwdGVjaG5vbG9neXxlbnwxfDB8fHwxNzgyMDkyMjM5fDA&ixlib=rb-4.1.0&w=1200&h=630&fit=crop&crop=entropy&auto=format,compress&q=60","2026-06-22T01:43:39.355Z",["Island",214],{"key":215,"params":216,"result":218},"ArticleBody_TwSFUBmUlxsuEqttVGZDzEajxVKetbPzDnddNkJZBY",{"props":217},"{\"articleId\":\"6a3ef1023303d714380e09b3\",\"linkColor\":\"red\"}",{"head":219},{}]