The growing use of AI chatbots for medical advice has raised serious privacy concerns. Users voluntarily share sensitive health information, often unaware that their conversations may be sold to data brokers. To address this, two Democratic lawmakers have introduced a bill that extends health data protection to AI platforms.
The risks of sharing health data with chatbots
Many people ask AI chatbots for health advice, a practice that carries both medical and privacy risks. Most chatbots’ terms of service allow conversations to be used as training data and often permit data aggregation and sale to brokers. Health data is particularly sensitive, and its sale could lead to discrimination or breaches of confidentiality. A recent CrowdStrike report highlighted how AI attacks are doubling, making regulation even more urgent.
Sponsored Protocol
The new law proposed by Warren and Scanlon
Senator Elizabeth Warren and Representative Mary Gay Scanlon will soon introduce an updated version of the Health and Location Data Protection Act. The proposal extends the ban on health data sales to AI companies, specifying that information collected through chatbots cannot be transferred to brokers. This comes as tech companies actively push users to upload medical records. In January, Elon Musk publicly invited users to upload MRI scans to Grok, xAI’s chatbot. That same month, OpenAI launched ChatGPT Health, a sandboxed tab, and Anthropic followed with Claude for Healthcare, a HIPAA-ready tool.
Regulatory challenges and comparison with GDPR
Experts have long called for a comprehensive federal privacy law akin to the European GDPR. The piecemeal U.S. approach often leaves regulation lagging behind technology. According to health data on Wikipedia, protecting medical information is critical to prevent abuse. While this bill is a step forward, it does not replace a unified law. In the meantime, relying on chatbots for health advice is inadvisable due to generative AI’s unreliability. For sensitive discussions, Apple recommends using Siri, which under agreements with OpenAI and Google Gemini adheres to strict privacy requirements.
Sponsored Protocol
Source: https://9to5mac.com/2026/06/30/law-proposed-to-ban-ai-companies-from-selling-your-health-data
