Medical AI Raises New Privacy Risks: Deepfake X-Rays Are Just the Start
Artificial intelligence in medical imaging has delivered real progress—faster reads, fewer missed findings, and more consistent diagnoses. But a quieter, less welcome development has begun to surface: the same technology that lets AI spot a tiny lung nodule can also be turned around to create convincing fake medical images. In May 2026, researchers presenting at the Radiological Society of North America (RSNA) described how deepfake X-rays and CT scans can fool both radiologists and the AI systems designed to catch forgeries. The takeaway isn’t that medical AI should be abandoned, but that patients and professionals need to understand the privacy and security gaps that come with it.
What Happened
The RSNA research, first reported by the society in March and expanded on in May, demonstrated that manipulated medical images—created using common generative AI tools—can pass visual inspection by human experts and bypass AI-based detection tools. The fakes weren’t crude overlays; they were synthetic images that altered anatomy in subtle but significant ways, such as adding or removing a tumor. Attackers could use these images for insurance fraud, to claim or deny coverage, or even for medical identity theft.
The study did not claim that such attacks are widespread today. But it showed that the technical barrier is low enough that motivated actors—insiders with access to image databases, or external attackers who compromise cloud storage—could produce convincing forgeries. The findings echo similar work in other domains, such as deepfake audio and video, but carry higher stakes because the “truth” of a medical image can directly affect treatment decisions and financial outcomes.
Why It Matters
Medical imaging AI creates privacy risks in several distinct ways. First, the training datasets used to build these AI models often contain thousands of patient scans, sometimes de-identified but not always with strong guarantees. If a model is later exposed through a breach or shared improperly, those scans can be reconstructed or traced back to individuals. Second, many hospitals now use cloud-based AI services for image analysis, meaning patient data leaves the local network and travels through third-party infrastructure. The more hands touching the data, the more points of failure.
The deepfake angle adds a new layer: even if patient data remains private, it can be used to create fraudulent evidence. An insurer or employer might receive a manipulated scan that falsely shows a condition—or falsely clears someone of one. Because the technology exists and the detection gap is real, the burden shifts to patients to ask the right questions and to healthcare organizations to adopt stronger safeguards.
What Readers Can Do
Patients undergoing medical imaging don’t need to become cybersecurity experts, but a few practical steps can reduce risk:
Ask about data handling before the scan. Imaging centers and hospitals should have a clear policy on where images are stored, who has access, and whether AI services are used. If the answer is vague, that’s a red flag. You have a right to ask, especially if you’re paying out-of-pocket or your insurance doesn’t cover the facility.
Opt out of research use if you are uncomfortable. Many institutions allow patients to decline having their images used to train or test AI models. This may limit future improvements in care, but it also reduces the number of copies of your scan floating around. The choice is yours, and it should be explained in plain language.
Request a record of all data sharing. Under HIPAA in the United States and similar laws in other countries, you can ask for an accounting of disclosures of your health information. If you ever suspect misuse, this can help trace where a leak or an unauthorized use occurred.
Be aware that insurance and legal disputes involving imaging can be vulnerable. If you are ever involved in a personal injury claim or disability case, ask your lawyer or advocate to verify the chain of custody for any medical images submitted as evidence. Deepfakes are not yet a routine problem, but the capability exists.
Support stronger institutional policies. As a patient, you can encourage your provider to adopt tamper-detection measures like digital watermarks or cryptographic hashing for images. Some hospitals are already testing such tools; the more demand there is, the faster they will spread.
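For readers who want to see what the cryptographic hashing and chain-of-custody checks mentioned above look like in practice, here is a sketch of a keyed, hash-chained custody log. It is an added example, not code from the RSNA research or any hospital system, and the key, handler names and sample bytes are constructed assumptions. A bare hash stored beside an image is not enough, since anyone who can alter the image can recompute the hash, so each log entry carries an HMAC tag made with a secret the imaging site holds.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"              # assumption: secret held by the imaging site
SAMPLE_IMAGE = b"DICM" + bytes(range(64))  # constructed stand-in for a scan file

def image_digest(image_bytes):
    return hashlib.sha256(image_bytes).hexdigest()

def _tag(key, body):
    # HMAC over a canonical JSON encoding of the entry body
    msg = json.dumps(body, sort_keys=True).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def append_entry(log, key, handler, action, image_bytes):
    # Each entry records the image digest and is chained to the previous tag
    body = {"seq": len(log), "handler": handler, "action": action,
            "sha256": image_digest(image_bytes),
            "prev": log[-1]["tag"] if log else ""}
    log.append({**body, "tag": _tag(key, body)})
    return log

def verify(log, key, image_bytes):
    """Check the chain, every tag, and that the presented image matches each hand-off."""
    if not log:
        return False, "empty log"
    prev, presented = "", image_digest(image_bytes)
    for i, entry in enumerate(log):
        body = {k: v for k, v in entry.items() if k != "tag"}
        if body.get("seq") != i or body.get("prev") != prev:
            return False, f"entry {i}: chain broken"
        if not hmac.compare_digest(entry.get("tag", ""), _tag(key, body)):
            return False, f"entry {i}: bad tag"
        if body["sha256"] != presented:
            return False, f"entry {i}: image digest mismatch"
        prev = entry["tag"]
    return True, "ok"

def demo():
    log = []
    append_entry(log, KEY, "scanner-01", "acquired", SAMPLE_IMAGE)
    append_entry(log, KEY, "records-office", "released", SAMPLE_IMAGE)
    altered = SAMPLE_IMAGE[:-1] + b"\x00"  # one byte changed after acquisition
    forged = [dict(e, sha256=image_digest(altered)) for e in log]  # log edited without the key
    return verify(log, KEY, SAMPLE_IMAGE), verify(log, KEY, altered), verify(forged, KEY, altered)
```

This only proves an image is unchanged since it was logged; it says nothing about whether the image was genuine when first recorded, which is why the log has to start at acquisition.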
Sources
- Radiological Society of North America (RSNA), “Medical Imaging AI Opens a Pandora’s Box of Privacy-Related Risks,” May 2026.
- RSNA, “Deepfake X-Rays Fool Radiologists and AI,” March 2026.
- General background on healthcare data breaches and AI risks from published patient safety literature and news reports (multiple sources, 2024–2026).
None of this means medical AI is a bad idea—it remains a powerful diagnostic tool. But every technology creates new problems alongside the solutions it offers. The key is to enter with open eyes and practical precautions, not with fear or denial. For now, the best protection is a well-informed patient who asks the quiet, necessary questions.