Artificial intelligence is no longer just a futuristic concept; it is an everyday tool used across organizations to write emails, analyze data sheets, and automate administrative tasks. However, for organizations that must comply with the Health Insurance Portability and Accountability Act (HIPAA), introducing AI poses significant compliance risks.
At Total HIPAA, we regularly help IT administrators, HR employees, insurance agents, and healthcare workers secure their digital ecosystems. A common misconception we encounter is the belief that a tool is “HIPAA compliant” right out of the box.
The truth is simple: No AI tool is inherently HIPAA compliant. Compliance is determined by how you license the tool, the contracts you sign, and how you configure the platform’s backend settings.
Below is a high-level guide to navigating the “Big Five” AI providers (Google, OpenAI, Anthropic, Microsoft, and Amazon), their eligible tiers, and the configuration steps required to protect your organization’s sensitive data.
The Golden Rules of AI Compliance: Training and Retention
Before evaluating individual vendors, every organization must understand two non-negotiable standards mandated by the Department of Health and Human Services (HHS) Security Rule regarding AI utilization:
1. AI Model Training Must Be Completely Blocked
By default, standard consumer AI models use your inputs (prompts) and outputs to “train” and improve future versions of their public software. If an employee pastes protected data into a standard AI window, that data could resurface in a response generated for an external user.
While organizations can securely build or customize a private, internal AI agent that trains strictly on their isolated data, you must configure your settings to completely block your data from being absorbed into a vendor’s public model.
2. The Data Retention Paradox: Navigating “Zero Data Retention”
Under the HIPAA Security Rule (§ 164.312(b)), your organization must maintain strict Audit Controls, meaning you are legally required to record and examine activity in any system containing or interacting with PHI. Furthermore, general HIPAA compliance documentation, including access logs, must be retained for a minimum of 6 years (and even longer under specific state laws).
This requirement creates a major compliance trap when dealing with AI privacy features:
- The Trap: To protect user privacy, many enterprise AI platforms boast Zero Data Retention (ZDR). This means the AI provider processes your prompt in volatile memory and immediately deletes it, disabling their standard tracking logs.
- The Compliance Paradox: If an AI vendor instantly deletes your data and your organization does not capture those logs internally, you have wiped out your mandatory audit trail. If a data breach occurs or an employee accidentally misuses PHI, you will have no forensic way to track what data was sent, when, or by whom.
- The Solution: To remain compliant, you must balance data privacy with robust auditing. When utilizing ZDR features, your IT team must implement an internal secure proxy or API gateway. This configuration allows the AI vendor to immediately drop the data payload, while your organization securely logs the necessary metadata (who accessed the tool and when) to fulfill the 6-year retention mandate.
1. Google Gemini
Google integrates its Gemini AI across its Cloud and Workspace ecosystems.
- Eligible Tiers for a BAA: Google Workspace Enterprise tiers (such as Enterprise Standard or Plus) or Google Cloud Platform (Vertex AI).
- Ineligible Tiers: The free, consumer-facing Gemini website (gemini.google.com), personal @gmail.com accounts, and Google AI Studio (the developer playground) are strictly excluded from BAA coverage.
- Configuration Path:
- Log into your Google Admin Console as a Super Administrator.
- Navigate to Account > Account Settings > Legal and Compliance.
- Locate the Google Workspace HIPAA Business Associate Amendment, review it, and click Accept.
- Next, navigate to Apps > Google Workspace > Gemini and ensure that user access controls restrict Gemini usage only to employees who have been properly trained on your organization’s internal AI policies. Ensure Google Vault is configured to retain required communications data.
For more detailed instructions on configuring Gmail to be HIPAA compliant, see Is Gmail HIPAA Compliant? Well, It Can Be!
2. OpenAI (ChatGPT)
OpenAI offers incredible productivity tools, but their standard consumer models are a compliance minefield.
- Eligible Tiers for a BAA: ChatGPT Enterprise, ChatGPT Business, ChatGPT Edu, and the developer paid API Platform.
- Ineligible Tiers: Free ChatGPT accounts and ChatGPT Plus ($20/month tier) cannot support a BAA.
- Configuration Path:
- Your organization must contact OpenAI Sales to establish a specialized contract or execute the digital BAA via your Enterprise/API dashboard.
- Once signed, navigate to Settings > Organization > Data Controls.
- Under the Data Retention tab, you must toggle configurations carefully.
- Ensure that model training is explicitly turned off.
- For API integrations, select Modified Abuse Monitoring or custom retention windows rather than absolute Zero Data Retention, ensuring that compliance logs are retained for audit visibility without exposing prompt data to unauthorized external review.
3. Anthropic (Claude)
Anthropic’s Claude model has become a favorite for writing and data analysis, but it requires enterprise infrastructure to protect PHI.
- Eligible Tiers for a BAA: Claude Enterprise plan or the first-party Claude API. Alternatively, deploying Claude through Amazon Bedrock (discussed below) falls under an AWS BAA.
- Ineligible Tiers: Claude Free, Claude Pro, Claude Team, and Claude Cowork are explicitly not eligible for a BAA.
- Configuration Path:
- If using the first-party chat interface, the Primary Owner must log into the dashboard and navigate to Organization Settings > Data and Privacy > HIPAA Compliance.
- Review Anthropic’s HIPAA Implementation Guide and click Accept and Enable HIPAA. Note: This is a permanent, one-way structural change for that workspace.
- Ensure that non-covered experimental features (like specific beta APIs or unapproved external tools) are disabled by administrators under your features console.
4. Microsoft (Copilot & Azure OpenAI)
Microsoft has mapped its AI infrastructure directly into the pre-existing compliance boundaries of its commercial cloud.
- Eligible Tiers for a BAA: Microsoft 365 Copilot (available as an add-on for commercial plans like Microsoft 365 E3 or E5) and Azure OpenAI Service.
- Ineligible Tiers: The free web version of Copilot, Copilot Pro (consumer), and any Copilot accessed via personal Microsoft accounts.
- Configuration Path:
- Microsoft includes its BAA within its standard Enterprise Online Services Terms (OST) for eligible commercial accounts.
- Because Microsoft 365 Copilot pulls data directly from your organizational files via Microsoft Graph, your primary configuration task is data lifecycle management.
- Administrators must use the Microsoft 365 Compliance Admin Center to set up Data Loss Prevention (DLP) rules. This ensures that Copilot does not accidentally pull unencrypted files containing protected data or share sensitive information with employees who lack authorized clearance.
5. Amazon Web Services (AWS Bedrock)
Amazon Bedrock allows organizations to build applications utilizing foundation models from multiple companies (including Anthropic and Amazon) within a secure cloud boundary.
- Eligible Tiers for a BAA: All production-level use of Amazon Bedrock offers a standard, comprehensive AWS Business Associate Agreement.
- Ineligible Tiers: Free tier developer sandboxes or unmanaged cloud accounts without a formal AWS organization agreement.
- Configuration Path:
- Sign in to the AWS Management Console and navigate to AWS Artifact.
- Locate, review, and accept the AWS Business Associate Addendum (BAA) at the organization account level.
- Navigate to the Amazon Bedrock Console and implement Guardrails for Amazon Bedrock. Configure these guardrails to automatically redact or block sensitive data fields (like Social Security numbers or medical record identifiers) from entering prompt pipelines. Ensure AWS CloudTrail logging is fully turned on to maintain your 6-year compliance audit trails.
Total HIPAA’s Core Recommendation: When in Doubt, Leave PHI Out
While these configurations make it legally and technically permissible to utilize enterprise AI platforms, Total HIPAA strongly recommends a conservative approach: Do not input protected data or PHI into AI platforms unless it is absolutely necessary for your core operations (Minimum Necessary). Even with a signed BAA, an AI platform cannot stop an untrained employee from accidentally leaking data, over-sharing restricted records, or misconfiguring a setting. Technology is only as compliant as the human operator using it.
Have you performed a comprehensive Risk Assessment this year? Are your HIPAA Policies and Procedures updated for modern cloud configurations? Our HIPAA Prime™ program creates customized compliance plans, simplifies documentation, and provides your team with easy online training. Schedule a call to protect your business today!
Disclaimer: Total HIPAA provides industry-leading compliance training, policy templates, and regulatory guidance to keep your organization secure. Please note that Total HIPAA does not provide technical software configuration, IT implementation, or dashboard setup services. For technical assistance executing the configuration paths outlined above, please consult your internal IT department, a certified cloud administrator, or your vendor’s technical support team.