Shadow AI
Using a general-purpose AI tool for clinical or administrative work when your institution never approved or vetted it, and does not cover it, such as pasting patient details into a consumer chatbot to draft a letter. It is the healthcare version of shadow IT, and it usually starts for a good reason, saving time on a real task. The risk sits behind the tool: anything you enter falls outside HIPAA protection, the vendor has typically disclaimed responsibility and capped its liability, and there is no institutional backstop if something goes wrong, so the exposure lands on the clinician. Shadow AI is not automatically off limits, but it should be used with eyes open: no identifiable patient data in a tool nobody sanctioned, and no assumption that someone else is carrying the risk. A spread of shadow AI is also a signal to the people accountable for a service that the sanctioned tools are either missing or too clunky to use.
Terms like this come up in real clinical scenarios across the HelloAI courses: bite-sized modules with verifiable certificates. An account takes one minute, no password needed.
Sign in →