EPISODE · Nov 19, 2025 · 53 MIN
#109 - AI & HIPAA Compliance: What’s Allowed, What’s Risky, and How to Do It Right
from The Healthcare Compliance Step-By-Step Podcast · host EPICompliance
When AI enters clinical and administrative workflows, privacy rules and safety expectations come with it. In this practical session, we translate HIPAA requirements into plain English and apply an "AI-assisted, not AI-controlled" model to real-world scenarios. You'll see how to use AI tools without disclosing more PHI than necessary, how to apply Minimum Necessary and de-identification in everyday workflows, and how to keep clinicians clearly in charge. Key Topics:Identify appropriate AI use cases in healthcare and apply Minimum Necessary, de-identification, and data minimization in each workflow.Know when a Business Associate Agreement (BAA) is required, what to ask vendors about data use, logging, and model training, and how to build clear audit trails for scribe, coding, and prior auth tools.Close policy gaps, monitor accuracy and drift, and retain evidence for six years to satisfy HIPAA and payer expectations.Resources:Learn more about healthcare compliance systems: epicompliance.comExplore healthcare compliance training and weekly webinars: epicompliance.com/training-in...Originally Recorded: November 18, 2025.
What this episode covers
When AI enters clinical and administrative workflows, privacy rules and safety expectations come with it. In this practical session, we translate HIPAA requirements into plain English and apply an "AI-assisted, not AI-controlled" model to real-world scenarios. You'll see how to use AI tools without disclosing more PHI than necessary, how to apply Minimum Necessary and de-identification in everyday workflows, and how to keep clinicians clearly in charge. Key Topics:Identify appropriate AI use cases in healthcare and apply Minimum Necessary, de-identification, and data minimization in each workflow.Know when a Business Associate Agreement (BAA) is required, what to ask vendors about data use, logging, and model training, and how to build clear audit trails for scribe, coding, and prior auth tools.Close policy gaps, monitor accuracy and drift, and retain evidence for six years to satisfy HIPAA and payer expectations.Resources:Learn more about healthcare compliance systems: epicompliance.comExplore healthcare compliance training and weekly webinars: epicompliance.com/training-in...Originally Recorded: November 18, 2025.
NOW PLAYING
#109 - AI & HIPAA Compliance: What’s Allowed, What’s Risky, and How to Do It Right
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Mar 19, 2026 ·34m
Feb 18, 2026 ·11m
Feb 11, 2026 ·45m