Hi, I just found out my dentists office is using a program called “Second Opinion” produced by “Hello Pearl”. There is literally no information about what this company does in the background with my information, however I know they at the very least have:
- My full legal name
- X-Rays of my teeth
I’m concerned because there is literally nothing online about how to opt out of them using your data for AI training. They are an AI company and the screen the Dentist was showing me showed a pop-up about provides information being able to be used for AI training. What should I do, what are my rights?
Dentist is responsible for fixing teeth, if it does not involve teeth and they dont know about it, they are fine for not knowing
Most dentists in the US do fall under HIPAA. Disclaimer for some dentists in some states or some edge cases, but in general, US dentists have to comply with HIPAA.
Which means they need to select software that can be implemented in a HIPAA-compliant way and develop processes that protect PHI (protected health information). Or ensure someone on their staff is responsible for HIPAA security.
So yes, if in the US, it’s worth asking the dentist how this setup is kept HIPAA-compliant. If the dentist says “IDK, I just do tooth fixing stuff” then it’s time to find a new dentist; they shouldn’t be trusted with any private data with or without AI in the mix.
Edit: it also took 30 seconds to find the company’s website where they at least claim they are compliant to HIPAA, GDPR, and an alphabet soup of other names.