AI in healthcare

Artificial intelligence in healthcare offers both benefits and risks. AI today supports diagnosis and treatment and streamlines administrative tasks. But more broadly, the development and refinement of AI tools are moving so rapidly that even their makers are pulling back to avoid a catastrophic mistake.

Discovery of a Massive AI-Driven Vulnerability

The scale of the current threat came into focus last week when AI company Anthropic unveiled Claude Mythos, a new large language model designed for technical reasoning.

While earlier AI iterations were primarily used for text generation and general coding assistance, Mythos marks a quantum leap in autonomous technical capability. During its preview phase, the model demonstrated an unprecedented ability to identify and exploit high-severity “zero-day” vulnerabilities—security flaws unknown to software developers.

But the same day it was to be released, an Anthropic engineer discovered a dangerous capability. It was so effective at finding security flaws that, if released into a criminal’s hands, it could cause massive security breaches across the internet. In some benchmarks, Mythos uncovered critical flaws in every major operating system and web browser that had evaded detection by humans and automated testing for more than 25 years.

For healthcare organizations, this is a sobering warning. Healthcare depends on an extensive web of legacy software, interconnected medical devices (the Internet of Medical Things, or IoMT), and cloud-based electronic health record (EHR) systems. If a tool like Mythos can uncover a 27-year-old flaw in a core operating system, it can find unpatched vulnerabilities in the specialized software that powers a regional hospital’s laboratory or imaging department.

Rather than release Mythos, Anthropic officials decided to restrict its use, opting instead to collaborate with infrastructure providers via “Project Glasswing” to fix these flaws before malicious actors can exploit them. Described by Forbes as a “cybersecurity defense initiative,” the collaboration includes Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Anthropic is also giving access to about 40 other organizations that maintain critical software infrastructure, and is providing financial support to other open-source security organizations to participate.

From Anthropic’s April 7 blog:

“We formed Project Glasswing because of capabilities we’ve observed in a new frontier model trained by Anthropic that we believe could reshape cybersecurity. Claude Mythos Preview is a general-purpose, unreleased frontier model that reveals a stark fact: AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities.”

However, history shows that such capabilities eventually proliferate. When AI-driven hacking becomes commoditized, the “dwell time” (the period between a vulnerability’s discovery and its weaponization) will shrink from weeks to seconds.

The Privacy Pitfall: The Lessons of Sutter Health and MemorialCare

While the threat from external hackers is significant, a more immediate legal risk for healthcare leaders may stem from AI tools already in use. A legal battle in California will spotlight how a new AI transcription service accesses private patient information, potentially violating HIPAA, state privacy laws, and federal wiretapping laws.

On April 8, 2026, a federal class-action lawsuit was filed against Sutter Health and MemorialCare Medical Foundation, two prominent California healthcare entities. The lawsuit alleges that both used an AI-enabled medical transcription tool (specifically Abridge AI) to record and process patient-doctor conversations during appointments without obtaining patients’ informed consent.

The plaintiffs argue that they were not given clear notice that their most intimate health disclosures, including symptoms, medical history, diagnoses, medications, treatment plans, mental health disclosures, and family medical history, were being transmitted outside the clinical environment for processing by a third party.

The plaintiffs argue that Sutter Health and MemorialCare violated four statutes:

  • California Medical Information Act (CMIA): Alleges that the unauthorized recording and transmission of sensitive health discussions to third-party AI servers constitute an illegal disclosure of medical information.
  • California Invasion of Privacy Act (CIPA): Contends that using a third-party tool to “eavesdrop” on a private conversation without all parties’ consent violates state privacy protections.
  • Unfair Business Practices (UCL): Argues that the organizations misrepresented their privacy practices by failing to disclose the AI “listener.”
  • Federal Wiretapping Law: Asserts that the electronic interception of live oral communications without consent violates federal statutes.

The Business Associate Risk

For healthcare owners and compliance officers, this case highlights a critical gap when an AI-enabled vendor does not protect patient privacy. While a Business Associate Agreement (BAA) may satisfy HIPAA’s administrative requirements, it does not automatically immunize a covered entity against state-level privacy lawsuits or wiretapping claims if patient consent is bypassed. Moreover, covered entities Sutter Health and MemorialCare will need to show that they performed due diligence on Abridge AI, confirming that the vendor complies with HIPAA, has completed a full Risk Analysis, and has policies and procedures to safeguard patient data.

Why Healthcare is a High-Value Target for AI-Enhanced Attacks

Cybercriminals are increasingly using AI to personalize and scale their attacks. In the healthcare sector, where time is literally a matter of life and death, the pressure to pay ransoms is higher than in almost any other industry.

  • Sophisticated Phishing: AI can now generate highly convincing, personalized emails that mimic the tone and style of a specific hospital executive or a known vendor. These “deepfake” communications render traditional employee training—which often focuses on spotting typos or generic greetings—largely obsolete.
  • Automated Lateral Movement: Once a hacker gains a foothold in a network, AI agents can autonomously navigate the system, identify the most sensitive databases, and encrypt them before IT teams even detect an anomaly.
  • Supply Chain Vulnerability: Healthcare organizations depend on thousands of vendors. AI enables attackers to scan the entire digital supply chain of a hospital system, seeking the “weakest link” in third-party billing software or a telehealth platform.

Defensive Strategies: Protecting the Data You Hold

Despite these challenges, healthcare organizations are not defenseless. Protecting patient data in the age of AI requires a shift from a “check-the-box” compliance mindset to a “zero-trust” security posture. Here are several actionable steps healthcare professionals can take:

Redefine Vendor Due Diligence

In 2026, a standard security questionnaire is no longer sufficient. When evaluating a new AI tool, IT and compliance teams should ask the following:

  • Where is the data processed? Is the AI “on-device” (local) or “cloud-based”? If it’s cloud-based, what encryption protocols are used for data in transit and at rest?
  • How is the model trained? Does the vendor use your patients’ de-identified data to train their future models? If so, does your patient’s explicit notice allow for this?
  • Does the vendor provide “Explainable AI”? If the AI makes a clinical or administrative suggestion, can the system explain the “why” behind the decision? This is essential for legal defensibility.

Implement Multi-Layered Informed Consent

The Sutter Health and MemorialCare litigation demonstrates that general HIPAA disclosures are often insufficient for AI-enabled tools. Organizations should:

  • Use Clear Signage: Place notices in examination rooms stating that AI transcription tools may be used to assist the physician.
  • Standardize Verbal Scripts: Physicians should be trained to ask, “I’m using an AI assistant today to help me take accurate notes so I can focus on you. Is it okay if I turn it on?”
  • Offer a Clear Opt-Out: Ensure that patients know their care will not be compromised if they choose not to be recorded.

Adopt AI-Driven Defense

The only way to counter AI-powered attacks is with AI-powered defense.

  • Anomalous Behavior Detection: Use security tools that learn the “normal” behavior of your network. If an account suddenly accesses 5,000 patient records at 2:00 AM, the AI should automatically freeze that account and alert the IT team in real time.
  • Continuous Monitoring: Shift from annual risk assessments to continuous compliance monitoring. The threat landscape changes daily; your security posture must keep pace.
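The account-level check described under Anomalous Behavior Detection, as an added example (not from the original article or any vendor's product). It substitutes a simple per-account median/MAD baseline for a learned model; the account names, audit-event format, and thresholds are assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed audit history: (account, hour bucket, patient records read in that hour).
HISTORY = [
    ("nurse_a", "2026-04-01T09:00", 22), ("nurse_a", "2026-04-01T14:00", 31),
    ("nurse_a", "2026-04-02T10:00", 18), ("nurse_a", "2026-04-02T15:00", 27),
    ("nurse_a", "2026-04-03T09:00", 25),
    # Hypothetical nightly billing export: large 2 AM reads are normal for it.
    ("billing_b", "2026-04-01T02:00", 900), ("billing_b", "2026-04-02T02:00", 1100),
    ("billing_b", "2026-04-03T02:00", 1000),
]

def build_baseline(history):
    """Learn each account's typical hourly volume and active hours."""
    counts, hours = defaultdict(list), defaultdict(set)
    for account, ts, n in history:
        counts[account].append(n)
        hours[account].add(datetime.fromisoformat(ts).hour)
    baseline = {}
    for account, values in counts.items():
        med = median(values)
        # Median absolute deviation: robust to one unusually busy day.
        mad = median(abs(v - med) for v in values) or 1.0
        baseline[account] = {"median": med, "mad": mad, "hours": hours[account]}
    return baseline

def evaluate(event, baseline, k=10.0, unknown_bulk=200):
    """Return 'ok', 'alert' or 'freeze' for one (account, hour, records) event.
    k and unknown_bulk are illustrative thresholds, not recommended values."""
    account, ts, n = event
    profile = baseline.get(account)
    if profile is None:
        # No history to compare against: bulk reads are frozen, the rest reviewed.
        return "freeze" if n >= unknown_bulk else "alert"
    spike = n > profile["median"] + k * profile["mad"]
    odd_hour = datetime.fromisoformat(ts).hour not in profile["hours"]
    if spike and odd_hour:
        return "freeze"   # e.g. suspend the session and page the on-call team
    return "alert" if (spike or odd_hour) else "ok"

if __name__ == "__main__":
    base = build_baseline(HISTORY)
    for ev in [("nurse_a", "2026-04-04T02:00", 5000),
               ("nurse_a", "2026-04-04T10:00", 29),
               ("billing_b", "2026-04-04T02:00", 1050)]:
        print(ev, "->", evaluate(ev, base))
```

The `billing_b` case shows why the baseline is kept per account: a fixed "large read at 2:00 AM" rule would freeze the legitimate nightly job, while the same pattern from `nurse_a` is frozen.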

The Path Forward: Innovation with Integrity

The integration of AI into healthcare is underway, and its benefits are proven. It has the potential to detect cancers earlier, reduce medication errors, and free doctors from administrative tasks that currently consume their days. However, these benefits cannot come at the expense of the foundational trust between patient and provider.

The lessons from the Claude Mythos preview and the current California litigation are clear: innovation without transparency is a liability. Healthcare organizations that will thrive in this new era treat cybersecurity not as a technical hurdle but as a core component of patient safety. By combining rigorous vendor oversight, clear patient communication, and AI-driven defensive tools, we can harness this technology’s power while fulfilling our highest duty: to do no harm.
