HIPAA & Compliance
Is ChatGPT HIPAA Compliant for a Dental Practice? (2026)
By Dolev Arama · Updated June 2026
Mostly no. ChatGPT's Free, Plus, Pro, Team, and self-serve Business plans are not HIPAA compliant for patient information: OpenAI offers no Business Associate Agreement for them, and HIPAA bars disclosing patient data to a vendor without one (45 CFR § 164.502(e)). An AI tool can touch patient data lawfully only under a signed BAA, and the Security Rule then expects that tool to appear in your risk analysis.
The question usually arrives the practical way: somewhere in the past month, there is a fair chance someone in your office pasted a patient email into ChatGPT to draft a reply. It is fast, it writes well, and it is free. That one paste is where most practices meet this question without realizing they asked it.
Why every dental office is suddenly asking
AI arrived in dentistry from three directions at once: scribes that listen chairside and write the clinical note, imaging tools that flag findings on x-rays, and general chatbots the front desk quietly adopted for emails and insurance narratives. The federal government noticed. HHS issued a request for information on AI adoption in clinical care, and the American Dental Association answered in February 2026, noting that adoption decisions fall on practice owners precisely when, in its words, "regulatory status is unclear," a burden it called heaviest for small offices.
Here is the part that cuts through the noise: there is no AI-specific HIPAA rule. The existing rules apply to AI software exactly as they apply to your practice management system or your cloud backup. That makes the answer to this article's question less about ChatGPT and more about two requirements that have existed for years.
What HIPAA actually says when an AI tool touches patient data
First, the vendor question. Under HIPAA, any company that creates, receives, maintains, or transmits protected health information on your behalf is a business associate, and the rules require a signed Business Associate Agreement before that information reaches it (45 CFR § 160.103 and § 164.502(e)). An AI scribe that hears your exam-room conversation, a chatbot that drafts replies to identifiable patient emails, an imaging model that reads a named x-ray: all of these sit squarely inside that definition. No BAA, no patient data. There is no volume exception, and no exception for having only done it once.
Second, the inventory question. The Security Rule requires an accurate and thorough risk analysis covering every system that holds or moves electronic patient information (45 CFR § 164.308(a)(1)(ii)(A)). A new AI tool is a new system. If your last risk analysis predates your first AI tool, it no longer describes the practice you actually run. We covered whether a dental practice needs a risk assessment at all separately; the short answer is yes, and AI only raises the stakes.
There is a third path the vendors like to mention: de-identified data is not protected health information, so HIPAA does not restrict it. True, and narrower than it sounds. The de-identification standard (45 CFR § 164.514(b)) allows two routes. The Safe Harbor method strips 18 categories of identifiers, among them names, geographic units smaller than a state, every date element except the year, phone and fax numbers, email addresses, record and account numbers, and any other unique identifying number or code, and then still requires that you have no actual knowledge the remaining information could identify the patient. The alternative is a formal expert determination. Deleting a name from a note whose story still identifies the patient qualifies under neither.
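To make the Safe Harbor point concrete, here is an added example (it is not from the article, and not a tool OpenAI or Hipsana publishes): a small Python pre-paste screen that refuses text containing the identifier categories a regex can see, such as dates, phone and fax numbers, emails, SSNs, record or account numbers, ZIP codes, IP addresses, URLs and ages over 89. The sample note, the function names and the patterns are this example's own. Its redaction output also shows the failure mode the paragraph above describes: after the obvious identifiers are masked, the city and the clinical story remain, because names, places and narrative detail are exactly what pattern matching cannot see.

```python
"""Pre-paste screen for pattern-shaped HIPAA Safe Harbor identifiers.

Added example, not from the article. It flags strings shaped like the
identifier categories in 45 CFR 164.514(b)(2) that regexes can recognise.
It cannot see names, cities, counties, photos or a narrative that identifies
the patient, so a clean result means "no obvious identifiers", which is a
weaker claim than "de-identified".
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# Priority order matters: an earlier pattern claims its span so a later one
# (for instance the loose ZIP pattern) does not report the same digits twice.
IDENTIFIER_PATTERNS: list[tuple[str, re.Pattern[str]]] = [
    ("ssn", re.compile(r"\b\d{3}-\d{2}-\d{4}\b")),
    ("email", re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")),
    ("url", re.compile(r"https?://\S+")),
    ("ip_address", re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")),
    ("phone_or_fax", re.compile(r"(?:\(\d{3}\)\s?|\b\d{3}[-.\s])\d{3}[-.\s]\d{4}\b")),
    ("date", re.compile(r"\b\d{1,2}[/-]\d{1,2}[/-]\d{2,4}\b")),
    ("date", re.compile(
        r"\b(?:jan|feb|mar|apr|may|jun|jul|aug|sept?|oct|nov|dec)[a-z]*\.?\s+"
        r"\d{1,2}(?:st|nd|rd|th)?(?:,?\s+\d{4})?\b", re.I)),
    # Safe Harbor treats every age over 89 as identifying; spelled-out ages need NLP.
    ("age_over_89", re.compile(r"\b(?:9\d|1\d{2})[ -]?(?:years?|yrs?|y/?o)\b", re.I)),
    # Label plus a token containing at least one digit, so "chart shows" does not fire.
    ("record_or_account_number", re.compile(
        r"\b(?:MRN|chart|acct|account|member|policy|claim)\s*(?:no\.?|#|:)?\s*"
        r"(?=[A-Z0-9-]*\d)[A-Z0-9-]{4,}\b", re.I)),
    ("zip_code", re.compile(r"\b\d{5}(?:-\d{4})?\b")),
]


@dataclass(frozen=True)
class Finding:
    category: str
    text: str
    start: int
    end: int


def screen_for_identifiers(text: str) -> list[Finding]:
    """Return every pattern-shaped identifier in text, earliest first."""
    claimed: list[tuple[int, int]] = []
    findings: list[Finding] = []
    for category, pattern in IDENTIFIER_PATTERNS:
        for m in pattern.finditer(text):
            if any(m.start() < end and m.end() > start for start, end in claimed):
                continue  # span already reported under a higher-priority category
            claimed.append((m.start(), m.end()))
            findings.append(Finding(category, m.group(), m.start(), m.end()))
    return sorted(findings, key=lambda f: f.start)


def may_paste(text: str) -> bool:
    """Gate for a no-BAA channel: a single hit means the text stays in the practice."""
    return not screen_for_identifiers(text)


def redact(text: str) -> str:
    """Replace each hit with its category. A drafting aid only: names, places and
    the clinical story survive, which is why this is not Safe Harbor de-identification."""
    out = text
    for f in sorted(screen_for_identifiers(text), key=lambda f: f.start, reverse=True):
        out = out[:f.start] + f"[{f.category.upper()}]" + out[f.end:]
    return out


# Constructed sample, not a real patient. The name is already gone, and the note
# still carries seven identifier-shaped strings plus a city the regexes miss.
SAMPLE_NOTE = (
    "Seen 03/14/2026 for #19 crown prep; 91-year-old, DOB 07/02/1935, MRN 448213. "
    "Reschedule via (410) 555-0147 or m.ortiz@example.com. Mails to Towson 21204."
)

if __name__ == "__main__":
    for f in screen_for_identifiers(SAMPLE_NOTE):
        print(f"{f.category:26} {f.text}")
    print("may paste into public AI:", may_paste(SAMPLE_NOTE))
    print(redact(SAMPLE_NOTE))
```

Wired in front of whatever channel staff actually use (a clipboard hook, a browser extension's submit handler, a form on the intranet), a hit means "do not paste" and a clean result means "probably free of obvious identifiers," never "de-identified." The false positives are deliberate: a screen that errs toward blocking is cheaper than one impermissible disclosure.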
Is ChatGPT itself HIPAA compliant?
Not by default, and for the versions a solo practice would realistically sign up for, not at all. OpenAI's own terms draw the lines:
- Free, Plus, Pro, Team, and self-serve Business: no. OpenAI states it does not offer a BAA for these plans. Typing patient information into them is an impermissible disclosure the moment you hit enter, whether or not anything ever leaks. Privacy toggles like turning off training do not change that legal fact.
- ChatGPT Enterprise and Edu: possible, with conditions. A BAA is available only to sales-managed accounts, arranged through OpenAI's sales team. This is corporate procurement, not a settings page.
- ChatGPT for Healthcare and the API: yes, for eligible customers. OpenAI now offers a dedicated healthcare product with a BAA and a stated commitment that customer content is not used to train models, and it signs BAAs case by case for zero-data-retention API endpoints. Both are aimed at organizations with technical staff.
What the free version is still good for, with zero patient information in it: blank consent templates, job postings, a recall letter with placeholder fields, supplier emails. The line is identifiability, and one pasted patient message crosses it. If your team uses public AI at all, that line belongs in writing and in training, because a staff member who crosses it creates the practice's violation, not a personal one. What that written rule needs to say, and how to put it in force in a small office, is covered in the staff AI-use policy a dental practice needs.
Which AI tools will sign a BAA, and which will not
Current as of June 2026, taken from each vendor's published terms rather than from reputation. These pages change; confirm the live text before you rely on a row.
- OpenAI: BAA available for the API (zero-data-retention endpoints, approved case by case) and for sales-managed ChatGPT Enterprise, Edu, and ChatGPT for Healthcare. Explicitly unavailable for Free, Plus, Pro, Team, and self-serve Business.
- Google: the Workspace BAA is accepted electronically in the Admin console; Google's covered-functionality list (updated May 14, 2026) includes Gemini in Workspace and the Gemini app, and excludes Gemini in Chrome and all third-party add-ons. Consumer Gemini on a personal account carries no BAA.
- Microsoft: commercial Microsoft 365 customers get the HIPAA BAA by default through Microsoft's Data Protection Addendum, and Microsoft lists Microsoft 365 Copilot among the in-scope services. Copilot inside the consumer and Family plans is a consumer product with no BAA.
- Dental AI vendors (scribes, imaging, front-desk tools): most advertise HIPAA compliance and BAA availability. Treat those as vendor statements. The test is whether they will execute a BAA naming your practice and put their data-retention and model-training terms in writing before the first patient is recorded.
AI scribes and the operatory microphone
Scribes deserve their own section because they do something no other office tool does: they record patient conversations, which means they create protected health information at the source, in audio. Three questions decide whether that is safe. Where do the recordings and transcripts live, and for how long? Is the audio used to train the vendor's models? And does the patient know a system is listening? Recording-consent rules also exist in state law, separate from HIPAA, and they vary; this is general information, not legal advice.
Before any scribe goes live, get four things from the vendor in writing: a BAA naming your practice, the retention period for audio and transcripts, a model-training commitment, and the procedure for exporting or deleting your data if you leave. A vendor that hesitates on any of the four has answered the real question.
What enforcement looks like when a dental vendor fails: MMG Fusion
On March 5, 2026, OCR announced a settlement with MMG Fusion, LLC, a Maryland company whose software handled patient communication and marketing for dental practices, which made it a business associate to the dentists who used it. In December 2020 an intruder got into MMG's systems and reached the information of roughly 15 million people: names, phone numbers, mailing and email addresses, birth dates, and the dates and times of appointments. The data surfaced on the dark web. OCR learned of it only from a complaint in 2023, because MMG had never notified the practices it served. The investigation found MMG had also failed to conduct an accurate and thorough risk analysis.

Two lessons sit in that case. The settlement was $10,000 against 15 million records because OCR weighed the company's financial condition; MMG was effectively gone. The dentists were not. Their patients' data had been exposed for years while the practices, the covered entities in the chain, knew nothing. A vendor's collapse does not transfer the relationship with your patients anywhere; it lands back on you. And the case was the twelfth enforcement action in OCR's Risk Analysis Initiative, the same document-first pattern we described in what happens when a dental practice fails a HIPAA audit: the investigation opens with a request for the risk analysis, and the absence of one is the finding.
An AI tool you adopted this year is exactly the kind of system OCR expects to find listed in that document, and a vendor's badge will not stand in for it. Most solo practices carry two or three HIPAA gaps they cannot see from the inside. The Scorecard checks the 10 items OCR asks about first, then offers a short free risk review and, if you want one, an intro to a vetted specialist. Takes about three minutes. Check my practice →
If patient information already went into a public AI tool
This happens in ordinary, well-run offices, usually at the front desk, and panic is the wrong response. Documented action is the right one. Stop using that channel for patient content. Write down what was entered and when, and which account was used. Then run a breach risk assessment: the written four-factor evaluation described in 45 CFR § 164.402 of how probable it is the information was compromised, weighing what was disclosed, who received it, whether it was actually viewed, and how far the exposure has been mitigated. Some incidents end there, documented as low probability. Others start notification clocks. The full sequence, including the deadlines, is in what to do after a dental data breach. The one unacceptable response is the undocumented shrug, because that is the line investigators quote later.
How to bring AI into the practice without creating a HIPAA problem
- Inventory. Ask every team member which AI tools they have touched for work in the past month, on any device, personal phones included. No blame attached; you are mapping, not policing. About 30 minutes at a staff meeting.
- Sort. Never touches patient information: keep. Touches it under a signed BAA: keep, with the paperwork checked. Touches it with no BAA: stops today. The vendor list above does most of the sorting.
- Paper the approved vendors. Get the BAA naming your practice, then the vendor's written answers on retention and model training, then the export-or-delete procedure. An afternoon of email, and the vendors that handle it smoothly are telling you something too.
- Update the risk analysis. Add each approved tool as a system that creates or transmits patient information, note its risks, and record the safeguards you chose. If the analysis itself is missing or stale, that is the first repair, and it is the one OCR checks.
- Write the rule and train on it. Which tools are approved, what may never be typed into a public chatbot, and who to tell when something slips. Ten minutes at a staff meeting beats a binder nobody opens, and the training itself is a HIPAA requirement you can document.
If the fix list ends in hiring help, what a HIPAA risk assessment costs for a dental practice breaks down the market so you do not overpay.
Want the gaps mapped before you start? The Scorecard surfaces them in about three minutes, and the free review walks through the result with you. Check my practice →
The catch
A signed BAA is necessary and not sufficient. It makes the vendor legally accountable; it does not make their servers secure, and MMG Fusion is the proof that when a vendor fails, the patients and the notification duties are still yours. Treat vendor selection as a security control, not a signature to collect.
And the ground is still moving. A proposed overhaul of the HIPAA Security Rule published in January 2025 would harden the technical requirements behind everything in this article. As of June 2026 it remains a proposal, not law, and OCR's AI-specific guidance is still developing. Write your AI policy against today's rules, date it, and expect to revisit it.
About the author
Dolev Arama is the founder of Hipsana, where he runs the HIPAA Risk Scorecard and the short practice risk reviews behind it. He is not an attorney, and Hipsana is a publisher and referral service, not a law firm or a healthcare provider. Its compliance writing starts from primary regulators (HHS, OCR, NIST) and is checked against their current text before anything goes live. More about Hipsana →
Sources
- HHS Office for Civil Rights, settlement with MMG Fusion, LLC (March 5, 2026); 12th action in the Risk Analysis Initiative.
- HHS Office for Civil Rights, Risk Analysis Initiative (announced October 2024).
- OpenAI, "How can I get a Business Associate Agreement (BAA) with OpenAI?" help article and business-data security page (accessed June 2026).
- Google Workspace Admin Help, "HIPAA Compliance with Google Workspace and Cloud Identity," and the HIPAA Included Functionality list (as of May 14, 2026).
- Microsoft, HIPAA/HITECH documentation: the BAA via the Microsoft Products and Services Data Protection Addendum, with Microsoft 365 Copilot listed in scope (accessed June 2026).
- American Dental Association, response to the HHS request for information on AI adoption in clinical care (February 2026).
- 45 CFR § 160.103; § 164.502(e); § 164.308(a)(1)(ii)(A); § 164.514 (eCFR, current).
- Federal Register, HIPAA Security Rule NPRM, January 6, 2025 (RIN 0945-AA22).
Frequently asked questions
Can I use the free version of ChatGPT for anything in a dental office?
Yes, for work that contains no patient information: drafting a job posting, a blank consent template, a generic oral-hygiene handout, a supplier email. The line is patient information of any kind; even a name alone or a recognizable photo crosses it, and so does one pasted patient email.
Is ChatGPT Plus or Team HIPAA compliant if I turn off chat history and training?
No. Privacy toggles change what the vendor does with the data, not your legal position. Without a Business Associate Agreement, sending patient information to the service is an impermissible disclosure under HIPAA, and OpenAI states it does not offer a BAA for these plans.
Does removing the patient's name make the data safe to paste?
Usually not. HIPAA's Safe Harbor de-identification method requires removing 18 categories of identifiers, every date element except the year and all contact details among them, and having no actual knowledge that what remains could identify the patient; the only alternative is a formal expert determination. A note with the name deleted but the story intact is often still identifiable, and still protected health information.
Are AI scribes a HIPAA violation?
Not inherently. A scribe with a signed BAA, clear retention and model-training terms, patient awareness of the recording, and a line in your risk analysis can be used compliantly. The same scribe adopted on a free trial with none of that paperwork is an open liability.
Is there a HIPAA-compliant version of ChatGPT a small practice can actually get?
The compliant paths today are procurement products aimed at organizations with IT support: OpenAI's API, sales-managed Enterprise and Edu accounts, and ChatGPT for Healthcare. Most solo practices that want generative AI near patient data end up on a healthcare-specific tool that bundles the BAA, or they keep public AI strictly on the no-patient-data side of the line.
What should I do if a team member already put patient details into a public AI tool?
Stop using that channel for patient content. Note exactly what was entered and when. Then run a documented breach risk assessment to judge the probability the information was compromised. Some incidents are defensibly low risk; others start notification obligations. The worst response is an undocumented shrug, because that is the gap investigators later quote.
Does the Hipsana Scorecard check AI risks?
It checks the foundations those risks land on: whether you have a current risk analysis, signed BAAs, staff training, and the other items OCR asks for first. AI tools enter your practice through exactly those doors. The Scorecard takes about three minutes, and the free review that follows can flag where an AI tool you use still needs paperwork.