Medical Imaging AI and Your Privacy: The Hidden Risks You Should Know

Medical Imaging AI and Your Privacy: The Hidden Risks You Should Know

Artificial intelligence is making medical imaging faster and more accurate. Tumors are found earlier. Scans are read in seconds. But as AI tools become routine in radiology, a less visible side effect is emerging: new risks to your privacy.

A recent special report from the Radiological Society of North America (RSNA) warned that the use of large language models and other AI tools in radiology opens what it called a “Pandora’s box” of privacy-related risks. For patients, this raises questions that many don’t even know to ask.

What happened?

In May 2025, the RSNA published a special report focused on cybersecurity threats involving large language models in radiology. Around the same time, researchers demonstrated that an AI tool can extract body composition data—like muscle and fat measurements—from routine chest X‑rays. That means a scan taken for one purpose (say, checking for pneumonia) could later reveal information you never agreed to share.

More concerning: the same AI models that make radiology smarter can also be vulnerable to attacks. If a model is trained on millions of patient images, a technique called “model inversion” can sometimes reconstruct images from the training set—including identifiable features. Even when scans are de‑identified, re‑identification attacks can link that data back to you by matching patterns in the images with other public records.

Why it matters for patients

The immediate risk is that your medical images could be used to train commercial AI models without clear consent. Consent forms often include broad language about “research” or “quality improvement,” but few patients realize those clauses can permit data to be shared with third‑party AI developers.

Beyond that, the data extracted by AI can reveal sensitive health details you didn’t intend to disclose. For example, body composition measurements from a chest X‑ray could indicate frailty, metabolic issues, or even early signs of disease. If that information fell into the hands of insurers or employers—even indirectly—it could lead to discrimination or higher premiums.

There’s also the threat of data breaches. Medical imaging data is stored in vast hospital databases, and AI tools often require that data to be moved between systems. Every transfer adds a point of exposure. While most healthcare organizations take security seriously, the track record of large‑scale health data breaches suggests complacency is dangerous.

What you can do

You don’t need to be a tech expert to reduce your risk. Here are concrete steps:

• Ask your provider upfront. Before an imaging exam, ask: “Will AI be used to analyze my scan? How is my data stored, shared, or used for training?” You have a right to a clear answer.
• Read consent forms carefully. Look for phrases like “secondary use,” “data sharing with partners,” or “research purposes.” If the language is vague, ask for specifics or request to opt out.
• Request opt‑out options. Not all hospitals allow patients to refuse AI‑related data use, but some do. Ask whether you can have your images used only for your own care and not for model training.
• Ask about data deletion. Find out how long your images and derived AI data are kept. Request that they be deleted after a reasonable period unless needed for follow‑up.
• Support stronger rules. HIPAA was written before AI became common. Urge your elected representatives to support updates that require transparency when AI is used and that ban re‑identification of de‑identified medical data.

It’s worth noting that the full scope of these risks is still being studied. Not all AI systems are equally vulnerable, and many hospitals use internal models that never leave their network. The threat isn’t universal—but it’s real enough that the RSNA felt compelled to issue a warning.

Sources

• RSNA Special Report: “Special Report Highlights LLM Cybersecurity Threats in Radiology” (May 2025)
• RSNA study: “AI Tool Extracts Body Composition Data from Routine Chest X‑Rays” (May 2026)

For a deeper look, search for “RSNA AI privacy risks” or visit the RSNA news page directly.

– This article is for informational purposes and does not constitute legal or medical advice. Privacy practices vary by institution; always verify with your healthcare provider.