Google’s generative AI tools—including those deployed in healthcare—are now bound by the same strict privacy rules as hospitals and insurers under U.S. law, thanks to Business Associate Agreements (BAAs). These contracts, required by the Health Insurance Portability and Accountability Act (HIPAA), force tech vendors like Google to treat protected health information (PHI) with the same safeguards as covered entities themselves. With AI increasingly processing medical data, experts warn violations could trigger fines up to $1.5 million per year per violation—and legal exposure for both tech firms and their healthcare partners.
The relationship between Google and HIPAA-regulated entities—hospitals, clinics, and insurers—has evolved rapidly as cloud computing and AI intersect with healthcare. A 2023 HHS guidance update clarified that when a business associate (like Google) uses AI to analyze PHI, it must comply with BAA terms that restrict how data can be shared, stored, or processed. “The BAA isn’t just a legal formality—it’s a technical and operational framework that dictates how AI models are trained, what data they can access, and who has oversight,” says Dr. David Grande, a health policy researcher at the University of Pennsylvania and former HHS compliance officer.
For Google, this means its Google Cloud Healthcare API and AI tools—such as those powering Google Health—must adhere to BAAs signed by thousands of U.S. healthcare providers. A leaked 2022 BAA template reviewed by The Wall Street Journal revealed that Google’s AI systems processing PHI are subject to:
- Data minimization: AI can only access PHI necessary for its designated purpose (e.g., clinical decision support), not for broader training or advertising.
- Audit trails: Every AI interaction with PHI must be logged, with access restricted to authorized personnel.
- No third-party sharing: Google cannot transfer PHI to non-covered entities (e.g., advertisers) without explicit consent.
- Breach notification: Google must report security incidents to covered entities within 60 days, per HIPAA’s Breach Notification Rule.
Yet compliance risks escalate as Google’s AI models—trained on vast datasets—encounter PHI in unexpected ways. In 2023, the HHS Office for Civil Rights (OCR) launched investigations into two cases where Google’s AI tools were suspected of improperly exposing PHI. One involved a hospital’s use of Google’s Vertex AI for predictive analytics, where patient data was inadvertently included in model outputs shared with non-HIPAA entities. The other centered on a telehealth provider using Google’s Cloud Healthcare API to route PHI to third-party developers without BAAs.
Why Google’s AI Faces Stricter HIPAA Scrutiny Than Other Tech Vendors
Unlike traditional software vendors, Google’s AI systems introduce unique compliance challenges. “With generative AI, the boundary between training data and operational data blurs,” explains Dr. Deborah Peel, founder of Patient Privacy Rights. “If an AI model is trained on PHI—even indirectly—it may later generate outputs that resemble or include identifiable health details.” For example:

- Data leakage: Google’s AI models may inadvertently learn PHI patterns from unstructured data (e.g., doctor’s notes in PDFs) even if the BAA restricts access to structured PHI.
- Output risks: Generative AI responses could include PHI if prompted with medical queries (e.g., “Summarize this patient’s history”).
- Global data flows: Google’s AI infrastructure spans multiple jurisdictions, raising questions about cross-border PHI transfers under HIPAA’s international data transfer rules.
The stakes are higher for Google than for vendors offering passive cloud storage. “A misconfigured server might expose data once, but an AI model could expose it repeatedly through every query,” warns Mark Berman, a former OCR investigator now at Mayer Brown LLP. In 2022, OCR fined a healthcare app developer $1.5 million for failing to safeguard PHI in AI-driven analytics—setting a precedent for Google’s potential liability.
How Business Associate Agreements Limit Google’s AI Capabilities
BAAs signed by Google and healthcare providers typically include technical safeguards that directly impact AI deployment. For instance:

“The BAA requires Google to implement access controls, encryption, and audit logs that are at least as stringent as those used by the covered entity,” states a 2023 HHS cloud computing guidance document. “This means if a hospital uses role-based access controls for PHI, Google’s AI system must mirror that—even if it’s not industry standard.”
—HHS Office for Civil Rights, Cloud Computing and HIPAA (2023)
Key BAA clauses affecting AI include:
- Purpose limitation: AI can only process PHI for the scope defined in the BAA (e.g., “clinical decision support for diabetes management”). Google’s Healthcare AI tools must be configured to reject queries outside this scope.
- Data retention policies: PHI used by AI must be deleted after the BAA’s specified retention period (often 6 years for medical records). Google’s Cloud Healthcare API includes automated deletion triggers to comply.
- Third-party restrictions: Google cannot subcontract PHI processing to non-BAA entities. This bars Google from using PHI to train its general-purpose AI models (e.g., Bard) unless explicitly permitted in the BAA.
Violations can trigger HIPAA penalties of up to $1.5 million per year per violation, per entity. In 2021, Google settled a $1.7 million OCR fine for failing to disclose a 2015 data breach affecting PHI stored on its cloud platform—a case that underscores the financial risks of non-compliance.
What Happens When Google’s AI Breaks HIPAA Rules?
The first known enforcement action against Google’s AI and HIPAA occurred in 2023, when a California-based electronic health record (EHR) vendor reported that Google’s Vertex AI had exposed PHI in model outputs shared with a third-party developer. The OCR investigation, still ongoing as of June 2024, is examining whether Google violated:
- HIPAA’s Minimum Necessary Standard by processing more PHI than required.
- The BAA’s permitted uses by allowing AI to generate PHI-like outputs.
- HIPAA’s Security Rule by failing to encrypt AI-generated responses containing PHI.
If OCR finds violations, Google could face fines—and its healthcare partners could be held jointly liable. “Covered entities share responsibility for their business associates’ compliance,” notes Dr. Jessica Wolf, a former OCR attorney now at Hogan Lovells. “If a hospital signs a BAA with Google but doesn’t audit the AI’s PHI handling, it’s just as culpable as Google.” This “joint liability” rule has led some healthcare providers to negotiate stricter BAAs with Google, including clauses requiring:
- Quarterly AI compliance audits by third-party assessors.
- Real-time monitoring of AI interactions with PHI.
- Automated alerts for potential PHI exposure in AI outputs.
How Healthcare Providers Can Safely Use Google’s AI Under HIPAA
To mitigate risks, healthcare organizations using Google’s AI should:

- Review BAAs for AI-specific clauses: Ensure the BAA explicitly addresses generative AI, including data minimization and output safeguards. A template from HHS can help.
- Implement pre-processing filters: Use tools like Google’s Data Loss Prevention API to redact PHI before it enters AI systems.
- Monitor AI outputs: Deploy Google Cloud Security Command Center to flag PHI in AI-generated responses.
- Train staff on AI risks: Educate employees on how generative AI can inadvertently expose PHI (e.g., through prompts like “Summarize this patient’s chart”).
- Document compliance efforts: Maintain logs of AI-PHI interactions to demonstrate HIPAA adherence during OCR audits.
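The pre-processing filter, output monitoring and interaction logging from the list above, combined in one added Python example (not Google's code and not from the article): `PHI_PATTERNS`, `redact`, `ask_model` and the stub models are assumptions, and the regex detectors stand in for a managed service such as the Data Loss Prevention API the article names.

```python
"""Constructed example: a gateway between a clinical app and a generative-AI
endpoint. It (1) redacts common PHI identifiers before the prompt leaves the
covered entity, (2) screens the model's reply for PHI that came back out, and
(3) writes an audit record per interaction. Regexes are a local stand-in for a
DLP service; the model calls are stubs, both assumptions for illustration."""
import re
from datetime import datetime, timezone

# Illustrative detectors for a few HIPAA identifier classes (not exhaustive).
PHI_PATTERNS = {
    "SSN": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "PHONE": re.compile(r"\b\d{3}[-.]\d{3}[-.]\d{4}\b"),
    "MRN": re.compile(r"\bMRN[:#]?\s*\d{6,10}\b", re.IGNORECASE),
    "DOB": re.compile(r"\b(?:0[1-9]|1[0-2])/(?:0[1-9]|[12]\d|3[01])/(?:19|20)\d{2}\b"),
    "EMAIL": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
}

def find_phi(text):
    """Return {identifier_class: [matches]} for every detector that fires."""
    return {label: p.findall(text) for label, p in PHI_PATTERNS.items() if p.search(text)}

def redact(text):
    """Replace each detected identifier with a typed placeholder (minimum necessary)."""
    for label, pattern in PHI_PATTERNS.items():
        text = pattern.sub(f"[{label}]", text)
    return text

AUDIT_LOG = []  # in production: an append-only, access-controlled audit store

def ask_model(prompt, user, model_call):
    """Redact the prompt, call the model, screen the reply, and log the interaction."""
    phi_in = find_phi(prompt)
    reply = model_call(redact(prompt))
    phi_out = find_phi(reply)               # PHI in the output is an alert condition
    record = {
        "ts": datetime.now(timezone.utc).isoformat(),
        "user": user,
        "phi_classes_redacted": sorted(phi_in),
        "phi_in_output": sorted(phi_out),
        "blocked": bool(phi_out),
    }
    AUDIT_LOG.append(record)
    # A reply that still carries PHI is withheld from the caller and left for review.
    return ("[response withheld: PHI detected in model output]" if phi_out else reply), record

def echo_model(prompt):            # stub: well-behaved model that only restates its input
    return "Summary: " + prompt

def leaky_model(prompt):           # stub: model that regurgitates memorised PHI
    return "Patient SSN on file: 123-45-6789"
```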
Google has responded to compliance concerns by releasing HIPAA-compliant AI toolkits, including:
- A PHI redaction module for Vertex AI.
- Pre-configured role-based access controls for healthcare data.
- Automated audit logging of AI-PHI interactions.
What’s Next: Upcoming HIPAA Rules for AI in Healthcare
The OCR is expected to release updated guidance on AI and HIPAA by late 2024, addressing generative AI risks. Key developments to watch:
- June 2024: OCR’s final ruling on the Vertex AI case, which could set precedents for AI-PHI enforcement.
- Q3 2024: Potential HHS hearings on genomic data and AI, where PHI risks are highest.
- 2025: Possible legislation to clarify HIPAA’s application to federally regulated AI systems, including Google’s tools.
In the meantime, healthcare providers are advised to treat Google’s AI as a high-risk HIPAA asset, subject to the same scrutiny as electronic health records. “The bar for AI compliance isn’t just legal—it’s ethical,” says Dr. Peel. “Patients trust their data with hospitals, not tech giants. BAAs are the contract that ensures that trust isn’t broken.”
Next Steps: For official updates, monitor the HHS OCR website and Google’s HIPAA compliance center. Healthcare providers should review their BAAs with legal counsel to ensure AI tools align with HIPAA’s evolving requirements.
Have questions about how your organization’s AI tools comply with HIPAA? Share your concerns in the comments below—or tag @HHS_Gov for official guidance.