Is ChatGPT HIPAA compliant?

The consumer version of ChatGPT is not HIPAA compliant and should not be used with protected health information. HIPAA compliance depends on the deployment, not the model: you need a signed Business Associate Agreement with the provider, access controls, audit logging, and assurance that data is not used for training. A private deployment inside infrastructure you control is the cleaner path because the protected data never leaves your perimeter.

What does a private AI deployment actually mean?

Your models, data, and infrastructure stay in environments you control: your cloud tenant, your VPC, or fully on-premise. Nothing leaves your perimeter, no third party trains on your data, and access is scoped, logged, and auditable end to end.

Which regulations apply to AI in healthcare, finance, and law?

It depends on the data and the jurisdiction. Healthcare is governed by HIPAA in the United States. Financial services fall under GLBA and sector rules from bodies like the SEC and FINRA. Most enterprises also expect SOC 2 and often ISO 27001 from vendors. The NIST AI Risk Management Framework and the EU AI Act add AI-specific governance on top of those data rules.

Can AI decisions be audited?

Yes, if the system is designed for it from the start. Every decision the AI influences should record its inputs, its output, the source documents it used, and the model version that produced them, all in a durable, queryable log. Auditability bolted on after a pilot is far weaker than auditability designed in from day one.

All articles

Perspective May 28, 2026 Updated June 8, 2026

Deploying AI in regulated industries without losing control

A practical guide for healthcare, finance, and legal teams: how to adopt modern AI while keeping data, auditability, and accountability intact, mapped to HIPAA, SOC 2, GLBA, the NIST AI RMF, and the EU AI Act.

By Kevin Xie Founder, CEO at Soren

For organizations in healthcare, financial services, and law, the question is no longer whether to adopt AI. It is how to do so without inheriting risk the institution cannot carry. The answer is rarely a single model. It is an architecture, and the architecture is decided by your constraints before a single prompt is written.

Start from the constraint, not the capability

Most AI projects begin with a capability and go looking for a use case. In a regulated environment you reverse the order. The binding constraints, where data may live, who may see it, and what must be logged, define the solution space first. Everything else is built inside that boundary.

This sounds limiting. In practice it is clarifying. Once you know that protected health information cannot leave your tenant, a long list of architectures rules itself out and the remaining choices get much easier to make.

Know which rules actually bind you

You cannot design for compliance you have not named. The specifics depend on your data and your jurisdiction, but most teams we work with are holding some combination of these:

HIPAA, the Health Insurance Portability and Accountability Act of 1996, which governs protected health information in United States healthcare. Any vendor touching that data needs a signed Business Associate Agreement. The rules are published by the US Department of Health and Human Services.
GLBA, the Gramm-Leach-Bliley Act of 1999, which governs how financial institutions handle customer financial data, summarized by the Federal Trade Commission. Financial firms also answer to sector regulators such as the SEC and FINRA.
SOC 2, the reporting framework built on the AICPA Trust Services Criteria: security, availability, processing integrity, confidentiality, and privacy. Most enterprise buyers will ask for a report before they sign.
ISO/IEC 27001, the international standard for information security management, common in cross-border deals.

On top of those data rules sit two AI-specific governance frameworks worth designing toward now, because buyers and regulators are already asking about them:

The NIST AI Risk Management Framework, released in January 2023, which organizes AI governance around four functions: Govern, Map, Measure, and Manage. It is voluntary, it is sensible, and it is becoming the common language for AI risk in the United States. The framework is published by NIST.
The EU AI Act, which entered into force in August 2024, with its bans on certain practices applying from February 2025 and its obligations for general-purpose models from August 2025. If you operate in or sell into the European Union, its risk tiers will shape what you can deploy and what you must document. The official text and timeline are maintained by the European Commission.

You do not need to be an expert in all of these. You do need to know which ones touch your data before you choose an architecture.

Three properties that make a system deployable

Across every regulated deployment we have built, the same three properties separate a system an institution can actually trust from a demo that never leaves the sandbox.

Auditability

Every decision the AI influences should be traceable. The inputs it received, the output it produced, the source documents it relied on, and the model version that generated the answer all belong in a durable, queryable record. When a regulator, an auditor, or your own risk team asks “why did the system say that,” the answer should be a query, not an investigation. This is far easier to build in from the first day than to retrofit after a pilot, which is one reason we treat the audit log as part of the design rather than a feature added later.

Containment

Sensitive data should never cross a boundary it was not meant to cross. That is the whole argument for a private deployment: the models, the data, and the infrastructure stay inside an environment you control, whether that is your cloud tenant, your VPC, or on-premise hardware. Nothing leaves the perimeter, and no third party trains on your data. Containment is also what makes the HIPAA and GLBA questions tractable, because data that never leaves cannot leak through someone else’s logging.

Accountability

A human stays responsible for outcomes. The system exists to make that person faster and better informed, not to absorb a decision they are accountable for. In a high-impact workflow the AI drafts, retrieves, flags, and proposes. A named person reviews and decides. Keeping the human in the loop is not a hedge against weak models. It is the correct division of labor when the cost of a wrong answer is measured in patient safety, client money, or legal exposure.

A short checklist before you deploy

If you are scoping an AI system for a regulated workflow, these are the questions worth answering on paper first:

What is the most sensitive data class the system will touch, and which regulation governs it?
Where will that data physically live, and does any of it leave your perimeter at any step, including logging and monitoring?
Is there a signed agreement (a BAA for health data, equivalent terms elsewhere) with every party in the chain?
For every AI-influenced decision, what exactly gets logged, and how long is it retained?
Who is the named human accountable for the outcome, and what does their review actually consist of?
How will you measure accuracy against a real baseline, and what is the threshold for shipping?
Which governance framework (NIST AI RMF, EU AI Act, internal policy) are you documenting against?

If you can answer those seven, you have a deployable design. If you cannot, you have a prototype, and you have found the work that remains.

The payoff

Done well, these constraints are not a tax on capability. They are what makes capability deployable at all. An AI system an institution can actually trust in a high-impact workflow is worth far more than a more powerful one it can only use in a sandbox.

This is the foundation underneath the rest of our work, including how we build systems around your specific context. If you are weighing an AI deployment under real regulatory constraints, book a demo and we can walk through your specific situation.

Frequently asked questions

Is ChatGPT HIPAA compliant?: The consumer version of ChatGPT is not HIPAA compliant and should not be used with protected health information. HIPAA compliance depends on the deployment, not the model: you need a signed Business Associate Agreement with the provider, access controls, audit logging, and assurance that data is not used for training. A private deployment inside infrastructure you control is the cleaner path because the protected data never leaves your perimeter.
What does a private AI deployment actually mean?: Your models, data, and infrastructure stay in environments you control: your cloud tenant, your VPC, or fully on-premise. Nothing leaves your perimeter, no third party trains on your data, and access is scoped, logged, and auditable end to end.
Which regulations apply to AI in healthcare, finance, and law?: It depends on the data and the jurisdiction. Healthcare is governed by HIPAA in the United States. Financial services fall under GLBA and sector rules from bodies like the SEC and FINRA. Most enterprises also expect SOC 2 and often ISO 27001 from vendors. The NIST AI Risk Management Framework and the EU AI Act add AI-specific governance on top of those data rules.
Can AI decisions be audited?: Yes, if the system is designed for it from the start. Every decision the AI influences should record its inputs, its output, the source documents it used, and the model version that produced them, all in a durable, queryable log. Auditability bolted on after a pilot is far weaker than auditability designed in from day one.

Putting private, context-aware AI to work in a regulated environment? We should talk.

Book a demo