The chatbot is designed to assist users in understanding lab test results and locating doctors who accept their insurance, according to the company.
On Thursday, Microsoft introduced Copilot Health, a “separate, secure space” within Copilot for queries regarding lab results, medical records, provider searches, wearable data analysis, and other health-related discussions. This feature will be rolled out in phases and won’t be immediately available to all, but interested users can join a waitlist for access.
Microsoft emphasizes that Copilot Health is not a replacement for doctors and is not meant for medical diagnoses or treatments but aims to aid users in comprehending their health data. Users can import medical records from over 50,000 US hospitals and healthcare organizations through HealthEx and access lab test results via Function. Copilot Health supports “over 50 wearable devices,” including those from Apple, Oura, and Fitbit. The Copilot Health homepage can display wearable data like step count and appointment reminders, based on the data users choose to share.
Copilot Health also assists in finding medical professionals by connecting to “real-time US provider directories,” allowing users to search for providers by specialty, location, languages spoken, and insurance plans accepted.
Microsoft’s press release highlights improvements in the quality and reliability of answers by drawing information from credible health organizations in over 50 countries. Copilot Health responses will include citations with links to sources and “expert-written answer cards from Harvard Health.”
Chats in Copilot Health are kept separate from general Copilot and are under additional access, privacy, and safety controls. The company claims that data from these chats isn’t used for training AI models, and users have the option to delete their health data or disconnect data sources, such as disabling access to wearable data.
OpenAI unveiled a similar feature in January, ChatGPT Health, which offers a sandboxed environment for medical chats, encourages users to connect their medical records, and doesn’t use health chats for model training. Unlike some competitors, Microsoft does not currently offer a HIPAA-compliant version of Copilot Health. ChatGPT for Healthcare and Amazon’s Health AI have HIPAA-compliant versions, and Anthropic’s Claude for Healthcare is “HIPAA-ready.”
When questioned about HIPAA compliance prior to Thursday’s announcement, Dr. Dominic King, VP of health at Microsoft AI, clarified that HIPAA is not mandatory for direct-consumer services using personal data. The Health Insurance Portability and Accountability Act specifies security measures for safeguarding electronic health data and restricts certain uses and disclosures. HIPAA violations can result in fines or prison sentences. Companies like Microsoft, not required by law to be HIPAA compliant, do not face the same penalties as healthcare providers. King added that Copilot is committed to adhering to the highest standards and will announce updates regarding “HIPAA controls,” without elaborating on specifics.
King also mentioned that Copilot Health holds an ISO 42001 certification, an international standard for AI systems promoting “responsible use of AI” through “traceability, transparency, and reliability.” Microsoft 365 Copilot and Microsoft 365 Copilot Chat also hold this certification.
Despite this certification and potential voluntary HIPAA compliance, users should be cautious when sharing medical data with AI. Experts caution that AI companies may change data privacy policies at any time. AI systems have a history of providing inaccurate or unsafe medical advice and are particularly concerning in their approach to mental health.