Before you dive into your day, here's an important reminder: think twice before uploading your private medical data to an AI chatbot.
More and more people are turning to generative AI chatbots, such as OpenAI’s ChatGPT and Google’s Gemini, to ask questions about their health and better understand medical concerns. Some individuals have even relied on questionable apps using AI to assess potential diseases in sensitive areas, such as genital health. Most recently, since October, users on the social media platform X have been encouraged to upload their X-rays, MRIs, and PET scans to the platform's AI chatbot, Grok, for analysis.
Medical data is a unique category protected by federal laws, and it is ultimately your decision whether or not to share it. However, just because you have the option doesn't mean you should. Security and privacy experts have long warned that uploading sensitive data may contribute to the training of AI models, potentially exposing your private information down the line.
Generative AI models are often trained using data they receive, under the premise that the information helps improve the model’s accuracy. However, it’s not always clear how the uploaded data is used, or with whom it’s shared. Companies can change their policies, and users must rely on their word for transparency.
There have been instances where private medical records have ended up in AI training datasets, meaning that others—such as healthcare providers, potential employers, or government agencies—could access this data as well. Moreover, most consumer apps are not covered by U.S. healthcare privacy laws like HIPAA, leaving your uploaded information unprotected.
X owner Elon Musk, who has encouraged users to upload their medical images to Grok, acknowledged that the results from Grok are still in the “early stage.” However, he believes that the AI model will eventually improve and become capable of accurately interpreting medical scans. As for who has access to the data submitted to Grok, it remains unclear; Grok’s privacy policy states that X shares some users’ personal information with an unspecified number of “related” companies.
Remember: once something is on the internet, it often never truly disappears.
(Source: TechCrunch)
BD-Pratidin English/Mazdud
