In January 2026, a line quietly moved.

There were no emergency press conferences or public debates, but something meaningful changed in how artificial intelligence interacts with healthcare. Two consumer-facing AI systems, ChatGPT and Claude, gained the ability to connect directly to real medical records.

Not symptom descriptions typed into a prompt.

Not hypothetical lab values.

Actual diagnoses, medications, lab histories, and years of clinical context.

That shift did not happen because AI suddenly became more intelligent. It happened because the surrounding infrastructure finally matured. Federal interoperability rules became usable at scale. Identity verification stopped being a bottleneck. Health data networks learned how to move records across institutions without collapsing under their own complexity. AI companies stepped into a system that had already been quietly preparing for this moment.

The result is not a medical revolution. It is something subtler, and arguably more important. AI is no longer just answering health questions. It is beginning to understand individuals in medical terms. That change brings real benefits, and real tradeoffs, often at the same time.

This is not an argument against AI in healthcare. It is an attempt to explain the system people are stepping into when they choose to use it.

How these integrations actually work

Neither OpenAI nor Anthropic connects directly to hospitals or doctors’ offices. That would be impractical in a healthcare system as fragmented as the one in the United States. Instead, both rely on specialized intermediaries that already sit inside the data plumbing of healthcare.

For ChatGPT Health, that intermediary is b.well Connected Health. b.well aggregates medical records from millions of providers by using a patient’s legal right to access their own data. When someone connects their records inside ChatGPT Health, b.well retrieves those records, cleans and standardizes them, and makes them usable by an AI system that would otherwise struggle with raw clinical data.

Claude takes a different approach. Anthropic partners with HealthEx, a platform designed around federal interoperability networks like TEFCA. Rather than pulling an entire medical history into the AI product, HealthEx allows Claude to fetch specific pieces of information as needed. A lab result. A medication list. A relevant clinical note.

These are two intentionally different architectures. One emphasizes continuity and memory. The other emphasizes minimization and on-demand access. Neither is inherently right or wrong. What matters is that they behave differently in practice, and users are rarely told to think about that difference.

Where HIPAA ends and something else begins

One of the most common assumptions people make is that if medical data is involved, HIPAA automatically applies. In consumer AI use, that is often not the case.

HIPAA governs hospitals, insurers, and their contracted partners. When a patient exercises their right to access their own records and sends them to a third-party app, those records usually leave HIPAA protection. They become consumer health data, regulated primarily by the Federal Trade Commission and state privacy laws rather than healthcare regulators.

That does not mean there are no rules. It means the rules change.

AI companies are bound by their published privacy policies, by FTC enforcement against deceptive practices, and by health breach notification rules that have been strengthened in recent years. What they are not bound by is the same framework that governs hospitals and insurers day to day.

This distinction sounds technical, but it has practical consequences. It determines who is accountable, how breaches are handled, and what kinds of secondary uses are allowed or prohibited.

“Not used for training” does not mean “not retained”

Both OpenAI and Anthropic are explicit that health data connected through their healthcare features is not used to train their foundation models. That statement is accurate, and it matters.

It is also easy to misunderstand.

Data can be retained without being used for training. It can be stored to provide continuity, personalization, and longitudinal insight for the user. In ChatGPT Health, that persistence is a stated feature. Health data lives in a separate, sandboxed environment designed to support memory over time.

Claude’s consumer health integrations aim to avoid long-term retention inside the AI system itself, but the data still exists within the connected infrastructure. It does not disappear. It is simply accessed and handled differently.

None of this implies wrongdoing. It does imply responsibility. A system that understands your medical history carries a different risk profile than one that answers general questions.

Real benefits, not imagined ones

There are genuine advantages to these systems when they work as intended.

Many people struggle to understand their own medical records. Lab reports are dense. Clinical notes are written for professionals, not patients. AI systems that translate this information into plain language can reduce confusion and help people prepare for appointments.

Long-term pattern recognition also matters. Humans are not good at spotting trends across years of scattered data. AI systems are. Seeing how a marker has changed over time, or how lifestyle factors correlate with lab results, can be genuinely useful.

These benefits are not theoretical. They address real gaps in how healthcare information is delivered today.

Where things can go wrong

The risks are not concentrated in a single dramatic failure. They accumulate.

Aggregating years of medical data into a single consumer account increases the impact of any breach or account takeover. Losing control of an email account is inconvenient. Losing control of a comprehensive health profile is something else entirely.

There are also emerging security concerns tied to how AI systems retrieve external data. Research has shown that protocols designed to let AI tools fetch information dynamically can be exploited if they are not carefully constrained. These are not hypothetical vulnerabilities. They are early versions of the same kinds of problems that accompanied the rise of web browsers and online forms.

Then there is the incentive question.

At present, AI companies state that they do not sell health data, and there is no evidence that they are doing so. But incentives matter over time. Data that is valuable tends to attract pressure to monetize, especially if regulations change or weaken.

It is reasonable to ask what happens if consumer health data is reclassified, or if anonymization standards are loosened, or if insurers are allowed to purchase insights derived from aggregated medical and behavioral data rather than raw records. None of that is happening today. It is also not irrational to acknowledge that systems capable of supporting those outcomes are now being built.

The tradeoff, clearly stated

What is happening now is not a betrayal of trust, and it is not a cure-all. It is a tradeoff.

In exchange for convenience, translation, and personalization, users are moving their most sensitive data into systems governed more like consumer technology than medical institutions. That does not make those systems inherently bad. It makes them different.

The real risk is not using AI for healthcare. The risk is using it without understanding the structure it sits inside.

This moment does not call for panic or blind optimism. It calls for attention. The systems are being built now. The incentives will harden later. Understanding that difference is the point.