Industry Battlecard
Healthcare
Every paste is a potential HIPAA breach. OCR penalties can reach $1.9M per incident category.
Shadow AI risk
Clinicians and billing staff paste PHI into ChatGPT to draft notes, appeal denials, and summarize charts.
Common use cases
- Clinical note drafting
- Prior auth appeals
- Patient education
- Coding assistance
Compliance impact
HIPAA
HITECH
42 CFR Part 2
State privacy laws
Conversation starter
"Your privacy officer is probably losing sleep over ambient scribes and ChatGPT. Are you governing those separately?"
Discovery questions
- Do you have a BAA-covered AI option deployed?
- How are you discovering shadow AI use across departments?
- What happens when a clinician pastes a chart into ChatGPT today?
Recommended collateral
- Healthcare One-Pager
- HIPAA + LLM Risk Brief
