AI Is Reading Your X-Rays – Here’s What That Means for Your Privacy

AI Is Reading Your X-Rays – Here’s What That Means for Your Privacy

Medical imaging has quietly become one of the biggest success stories for artificial intelligence in healthcare. At the Radiological Society of North America’s 2025 meeting, the technical exhibits featured the largest radiology AI showcase ever, with dozens of tools promising to read X-rays, CT scans, and MRIs faster than human radiologists. The potential is real: faster detection of fractures, tumors, and early signs of disease.

But as AI moves from the lab into your hospital’s reading room, a less‑talked‑about risk is surfacing. The same technology that can spot a tiny nodule can also be used to manipulate images, leak your data, or reidentify you from supposedly anonymous scans. This isn’t science fiction—it’s happening now, and patients need to know what to watch for.

What’s Happening with Medical Imaging AI

Recent research presented at RSNA showed that deepfake X‑rays can fool both human radiologists and AI diagnostic tools. In these studies, researchers used generative models to insert or remove medical findings—such as a lung nodule or a fracture—into real X‑ray images. The manipulated scans looked authentic enough that radiologists could not reliably tell the difference, and AI algorithms trained to detect abnormalities were equally misled.

This raises two distinct concerns. First, a malicious actor could theoretically alter a patient’s imaging records to change a diagnosis, delay treatment, or commit insurance fraud. Second, if AI models themselves can be tricked, the trust we place in automated screening tools needs a hard look.

Why It Matters for Your Privacy

Beyond image tampering, there’s a quieter but more widespread privacy problem. Your medical scans are often used to train or test new AI models. While hospitals and researchers usually say they “anonymize” the data, research has repeatedly shown that de‑identification is not foolproof. Facial features, bone structure, or even the shape of your sinuses can be reconstructed to reidentify you from a chest X‑ray.

At RSNA 2025, the scale of data collection was unprecedented. Thousands of patient images flow through AI training pipelines, often with broad consent forms that bury the details. If you’ve had a scan at a large health system or participated in a clinical trial, there’s a good chance your images have been used to train a commercial AI tool—without you being told which tool, where the data went, or what safeguards are in place.

And the risks aren’t just hypothetical. In 2023, a major health system disclosed that a third‑party AI vendor had used patient scans for a different purpose than originally agreed. The vendor argued that the consent forms allowed “research use.” The patients had never been asked directly.

What You Can Do to Protect Yourself

You don’t have to avoid imaging AI altogether. But you can take a few practical steps to protect your privacy.

Ask about AI before you scan. When your doctor orders an X‑ray or MRI, ask whether the images will be processed by an AI system. If yes, ask who runs the AI—a hospital‑developed tool or a third‑party vendor. Hospitals are required to notify you under HIPAA if your data is shared with a business associate, but they don’t always volunteer the information.

Review the consent form. Many imaging centers now include a clause about “AI training” or “research use” in the standard consent for a scan. Look for it. If you’re uncomfortable, ask if you can opt out of data sharing while still receiving the scan. Some institutions will allow this; others may not. It’s worth asking.

Request a data use agreement for research. If you join a clinical trial that involves imaging, ask the study coordinator specifically how your images will be used, stored, and with whom they might be shared for AI training. You have a right to know whether your data will be sold or licensed to a third party.

Encourage your healthcare provider to adopt stronger safeguards. Encryption of images at rest and in transit, strict access controls, and regular audits of AI vendors are steps that every health system should take. As a patient, you can raise the issue with your provider’s privacy office. The more patients ask, the more likely these practices become standard.

The Bottom Line

Medical imaging AI can save lives—there’s no arguing that. But the privacy risks surrounding it are real and growing. The RSNA presentations made clear that the technology is advancing faster than the rules that govern it. As a patient, your best defense is to stay informed, ask questions, and push for transparency before you say “yes” to that scan.

Sources

• Deepfake X‑Rays Fool Radiologists and AI – Radiological Society of North America (RSNA), March 2026
• RSNA 2025 Technical Exhibits Feature Largest Radiology AI Showcase – RSNA, September 2025
• Medical Imaging AI Opens a Pandora’s Box of Privacy‑Related Risks – RSNA coverage, May 2026