In a world where artificial intelligence (AI) permeates virtually every facet of our lives, maintaining the privacy and security of private health information (PHI) remains our primary duty. This is particularly pertinent for therapists who are entrusted with this sensitive information. Today, a new challenge has emerged; it is not just about keeping our physical files and records safe, but safeguarding digital data as well, especially within the ever-expanding ecosystem of AI applications.
The Google Workspace, formerly known as G Suite, has become a staple in many healthcare practices for its convenience and versatility. It facilitates communication, collaboration, and coordination, among other things. However, its increasing integration with AI has brought about unique challenges, particularly with the rise of AI add-ons that could potentially compromise patient data.
Google Workspace and Cloud Identity Enterprise versions that comply with HIPAA regulations may accidentally reveal PHI because of AI integrations. An AI add-on, while incredibly beneficial, can analyze and learn from data it interacts with. If these add-ons are granted access to workspaces with PHI, they may inadvertently expose, analyze, or process this sensitive data, potentially violating HIPAA privacy rules and risking a data breach.
So, what can be done to mitigate this risk while still reaping the benefits of AI integration? The answer lies in “Silohing” your Google Workspace.
“Silohing” is the process of segregating your Google Workspace. Instead of keeping all your data in a single place, you create separate workspaces for different aspects of your business. The primary workspace (Enterprise version with Cloud Identity) would hold all the sensitive patient data and be kept strictly for that purpose, devoid of any AI add-ons. The secondary workspace (A standard version of Google Workspace), where you can enjoy the benefits of AI add-ons, would contain no PHI. This ensures a safer environment for your patient data, minimizing the risk of unintentional exposure.
Google Workspace’s Business Starter plan currently costs $6 a month and the Enterprise edition roughly $20 per month. Considering that HIPAA breaches can cost tens of thousands of dollars, this is a small price to pay.
So, while there are situations in which AI can be harnessed to ease our workload, streamline our business, our daily tasks, and market ourselves, it is still our duty to safeguard our client’s private health data. AI can hold immense potential for improving healthcare, and it should never come at the expense of patient privacy. By “Silohing” Google Workspaces, therapists can strike the balance between leveraging AI technology and protecting sensitive information, thereby reinforcing their role as the trusted gatekeepers of their patient’s health data.
I say, let the AI revolution continue in an informed way, and in a way that respects and protects the sanctity of our client’s private health information. The future of healthcare may be digital, but it must also be secure.
Here are some other handy tips when implementing HIPAA in Google Workspace.
https://workspace.google.com/intl/en/industries/healthcare/
A link to how to implement HIPAA policies and further guidance.
https://services.google.com/fh/files/misc/gsuite_cloud_identity_hipaa_implementation_guide.pdf
In account settings, you will see under Security and Privacy Additional Terms that you have accepted the Clud Date Processing Addendum (CDPA) and the BAA. A link to the BAA is below.