by jkingsman 240 days ago
Privacy is vital, but this isn't covered under HIPAA. As they are not a covered entity nor handling medical records, they're beholden to the same privacy laws as any other company.

HIPAA's scope is actually basically nonexistent once you get away from healthcare providers, insurance companies, and the people that handle their data/they do business with. Talking with someone (even a company) about health conditions, mental health, etc. does not make them a medical provider.

1 comments

> Talking with someone (even a company) about health conditions, mental health, etc. does not make them a medical provider.

Also not when the entity behaves as though they are a mental health service professional? At what point do you put the burden on the apparently mentally ill person to know better?

Google, OpenAI, Anthropic don't advertise any of their services as medical, so why?

You Google your symptoms constantly. You read from WebMD or Wiki drug pages. None of these should be under HIPAA.

You're not putting the burden on them. They don't need to comply with HIPAA. But you can't just turn people into healthcare providers who aren't them and don't claim to be them.
That line of reasoning would just lead to every LLM message and every second comment on the internet starting with the sentence "this is not medical advice". It would do nothing but add another layer of noise to all communication.