This hospital will learn some hard lessons. I hope their backup strategy is good. I'm surprised they can field software from an entity that isn't SOC2 & HIPAA certified.

No worries! At worst, the contractor can just tell Claude to make sure the hospital knows they're appropriately certified. And the hospital can use Claude to make sure the certs are valid. Everybody wins, except the ones who end up dead. Or with their health destroyed.

> from an entity that isn't SOC2 & HIPAA certified

What do you think the fake Delve attestation scandal was about? https://news.ycombinator.com/item?id=47444319