Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
SpaceNoodled 3 days ago

Is there nothing like HIPAA there or what?

samglass09 3 days ago | parent | next [-]

Very little protections. The entire medical records of a significant percentage of the NZ population were stolen recently and put up for sale online. Zero consequences for the medical practices who adopted the hacked software.

mixmastamyk 3 days ago | parent [-]

Interesting, a person was telling me recently that NZ privacy laws were quite strong. Perhaps a different category.

https://news.ycombinator.com/item?id=44564349

peterashford 3 days ago | parent [-]

The laws are, the policing is not. At least not in medical data

lights0123 3 days ago | parent | prev [-]

Many AI companies, including Azure with their OpenAI hosting, are more than willing to sign privacy agreements that allow processing sensitive medical data with their models.

Ucalegon 3 days ago | parent [-]

The devil is in the details. For example, OAI does not have regional processing for AU [0] and their ZDR does not cover files[1]. Anthropic's ZDR [2] also does not cover files, so you really need to be careful, as a patient/consumer, to ensure that your health, or other sensitive data, that is being processed by SaaS frontier models is not contained in files. Which is asking a a lot of the medical provider to know how their systems work, they won't, which is why I will never opt in.

[0] https://developers.openai.com/api/docs/guides/your-data#whic...

[1] https://developers.openai.com/api/docs/guides/your-data#stor...

[2] https://platform.claude.com/docs/en/build-with-claude/zero-d...

lights0123 3 days ago | parent [-]

Azure OpenAI is not the same as paying OpenAI directly. While you may not be able to pay OpenAI for them to run models in Australia, you can pay Azure: https://azure.microsoft.com/en-au/pricing/details/azure-open...

The models are licensed to Microsoft, and you pay them for the inference.

Ucalegon 3 days ago | parent [-]

There is no way to upload files as a part of context with Azure deployments, you have to use the OAI API [0], and without having an architecture diagram of the solution, I am not going to trust it based off of the known native limitations with Azure's OAI implementation.

[0] https://github.com/openai/openai-python/issues/2300