Who’s at Risk? New Study Shows Medical AI Puts Some Patients’ Privacy in Greater Danger
Artificial intelligence is becoming a regular part of healthcare—diagnosing diseases, predicting outcomes, and managing patient records. But a new study warns that not everyone’s medical data is equally protected. Some patient groups are more exposed to privacy risks than others, and the gap is worth understanding if you or a family member uses AI‑powered health tools.
What happened
A study published by Telehealth.org analyzed how data exposure risks vary across patient demographics in medical AI systems. The researchers found that patients from marginalized communities—including racial and ethnic minorities, low‑income individuals, and those with complex or chronic medical histories—tended to have higher rates of data exposure. The exact mechanisms aren’t fully detailed in the public release, but the pattern points to systemic issues in how health data is collected, shared, and protected.
This finding arrives at a time when healthcare data breaches are already a significant concern. The HIPAA Journal reports that breaches continue to rise year over year, with hacking incidents accounting for the majority. Medical AI introduces additional data flows beyond traditional electronic health records, often involving third‑party vendors, cloud storage, and machine learning training sets—each a potential weak point.
Why it matters
If medical AI systems disproportionately expose certain groups, the consequences go beyond a privacy violation. Patients who already face barriers to care may become even more reluctant to share sensitive health information, which can degrade the quality of AI‑driven diagnoses and widen health disparities. For example, a model trained on data from which some groups are more likely to opt out (because of privacy concerns) could become less accurate for those same populations.
There’s also the question of fairness. When data exposure is not random but follows lines of race, income, or health complexity, it raises ethical and legal issues under both privacy laws and anti‑discrimination frameworks. The study underscores a need for stronger data governance that accounts for these disparities rather than treating all patients as equally protected.
What readers can do
Patients can take practical steps to reduce their risk, even without waiting for policy changes. Here’s what to consider:
- Ask your provider about AI use. Before agreeing to any AI‑assisted diagnosis or treatment recommendation, ask which systems are used, who has access to your data, and whether the data is de‑identified. Many clinics have privacy notices, but it’s worth asking directly.
- Review consent forms carefully. Look for clauses that allow your data to be used for research or training AI models. Some forms use broad language; you have the right to opt out of secondary uses without losing care.
- Choose privacy‑focused services. If you’re using a health app or telehealth platform that relies on AI, check its privacy policy for specifics about data sharing with third parties. Services that are HIPAA‑compliant and undergo independent security audits are preferable.
- Consider minimizing unnecessary data. For example, if you use a mental health chatbot, you don’t need to provide your full name or address. Use a pseudonym if the service allows it.
- Know your rights. Under HIPAA, you can request an accounting of disclosures and ask for corrections to your records. If you believe your data was mishandled, file a complaint with the Office for Civil Rights.
These steps aren’t foolproof—data exposure can happen through breaches beyond an individual’s control—but they help you stay informed and reduce unnecessary risk.
Broader picture
The study from Telehealth.org adds to a growing body of evidence that privacy protections in medical AI are uneven. While regulators are starting to act—the FDA and FTC have both issued guidance on AI transparency and data security—enforcement remains inconsistent. Industry standards for auditing AI systems for privacy equity are still in early stages.
For patients, the immediate takeaway is to be an active participant in how your health data is handled, especially if you belong to a group that the research shows may be more vulnerable. For advocates and policymakers, the study is a reminder that privacy isn’t just about compliance boxes—it’s about ensuring new technology doesn’t deepen existing inequalities.
Sources
- Telehealth.org. “Medical AI Privacy Study Finds Some Patients Face Greater Data Exposure Risks.” July 9, 2026.
- The HIPAA Journal. “Trends in Healthcare Data Breach Statistics.” June 18, 2026.
- American Psychological Association. “Health Advisory: Use of Generative AI Chatbots and Wellness Applications for Mental Health.” November 13, 2025.
The full Telehealth.org study is behind their site, but the summary available provides the key findings referenced here. As with any single study, results should be considered alongside broader research on medical AI privacy.