Is ChatGPT HIPAA Compliant? A Straight Answer for Medical Practices
The short version: not by default — and using it with patient information is a HIPAA violation. Here's the precise version, including when AI tools can be used with PHI and what actually makes one compliant.
The direct answer: The consumer and Team versions of ChatGPT are not HIPAA compliant, because they are not covered by a Business Associate Agreement. If you paste protected health information into them, that is a HIPAA violation — regardless of how careful you are with the output.
Why "compliant" is the wrong way to think about it
There is no such thing as a "HIPAA-certified" or inherently "HIPAA-compliant" software product. HIPAA compliance is a property of how a tool is used and contracted for — not a badge the software carries. A tool becomes usable with PHI when three things are true: the vendor will sign a Business Associate Agreement (BAA), the specific product and configuration you're using is covered by that BAA, and you use it inside appropriate safeguards.
So the real question isn't "is ChatGPT HIPAA compliant?" It's "do we have a signed BAA covering the exact ChatGPT product and configuration we're about to send PHI through?" For most practices, the answer is no.
What counts as PHI here
Protected health information is any information that can identify a patient combined with something about their health, care, or payment. A chart note is PHI. A patient's name plus their appointment reason is PHI. A photo. A lab value tied to a person. Even a free-text message like "draft a letter for Mrs. Alvarez explaining her biopsy results" is PHI the moment it leaves your compliance boundary.
The most common violation we see isn't malicious. It's a busy provider pasting a note into ChatGPT to get a plain-language summary or a drafted letter. Useful — and a HIPAA violation, because the PHI just crossed into a system with no BAA.
"But I removed the name" — why that usually isn't enough
De-identification under HIPAA is a specific standard, not a vibe. Safe Harbor requires removing 18 categories of identifiers — names, geographic detail smaller than a state, all date elements tied to the individual, ages over 89, medical record numbers, account numbers, biometric identifiers, full-face photos, and any other unique identifying characteristic. Strip the name but leave "78-year-old male, seen 3/14, MRN ending 4471, rare presentation" and you have not de-identified anything.
Rule of thumb: if you'd feel uncomfortable posting the text publicly because someone could figure out who it's about, it's still PHI — and it doesn't belong in a tool without a BAA.
When ChatGPT (or its underlying models) can be used with PHI
OpenAI does offer BAAs — but for specific products and configurations, not the default consumer account. In practice, compliant paths include:
- The OpenAI API with a signed BAA and zero data retention enabled. This is a different product from the consumer app, contracted separately.
- Azure OpenAI Service under Microsoft's BAA, configured with the appropriate data-handling settings.
- Enterprise plans that explicitly include BAA coverage for the specific endpoints you use.
The distinction that catches practices out: "OpenAI offers a BAA" is not the same as "our account is covered by a BAA." The agreement covers named products, endpoints, and configurations. The personal account someone created with a Gmail address is not on that list.
What a compliant setup actually requires
A BAA is necessary but not sufficient. To use an AI tool with PHI responsibly, you also need:
A current Security Risk Assessment that names the tool, describes the data flow, and scores the residual risk. Adding an AI tool is a material change; if your SRA predates it, your SRA is out of date.
Least-privilege access so the tool sees only the minimum data required — not the whole chart, not the whole patient roster.
A contractual no-training clause so your PHI is never used to train or improve the vendor's models.
Audit logging covering what the tool read and wrote, retained per your policy (typically six years).
A written staff policy naming which tools are approved for which uses — and explicitly prohibiting the consumer versions employees reach for by habit.
If you've already used it with PHI
Don't panic, but don't ignore it. Document what happened, stop the practice immediately, and assess whether it's a reportable breach under your incident-response policy. Then update your SRA and stand up an approved-tools policy. Regulators distinguish sharply between a one-time mistake handled with diligence and an ongoing, undocumented practice. The worst outcome comes from doing nothing.
The bottom line
ChatGPT in its default form is not something you can use with patient information. That doesn't mean AI is off-limits for your practice — it means the AI has to be set up correctly: BAA-covered infrastructure, least-privilege access, audit trails, and a current risk assessment. That's a solvable engineering and compliance problem, and it's exactly the kind of build we do.
Want AI in your practice without the compliance risk?
We build HIPAA-aware AI automation inside a BAA-covered boundary, and deliver written HIPAA Security Risk Assessments — led by a CISSP-certified practitioner.