Alerts

InfoSec Alert: PHI not allowed in Adobe AI Assistant

Use of Adobe’s AI Assistant with HIPAA Protected Health Information (PHI) is not permitted at WashU.

While Adobe’s information security and intellectual property protections are compatible with other uses, federal law requires a Business Associates Agreement (BAA) before HIPAA PHI may be shared with a third party.

Non-AI Assistant use of Adobe desktop products keeps the data local to your computer, which is okay.

However, the Adobe AI Assistant transmits information to Adobe and is therefore prohibited when PHI is involved.

This restriction applies to both paid subscriptions and free trials.

WashU IT is planning to disable the use of the Adobe AI Assistant over the coming weeks for HIPAA users. While we will also seek a BAA, Adobe has unequivocally stated that they will not agree to one.

For more information about using generative artificial intelligence at WashU, visit https://it.wustl.edu/ai/

Stay Informed

Please read the Office of Information Security’s monthly SECURED newsletter to stay updated on the best practices and important topics in Information Security. It contains news, strategies, and the latest information about the biggest issues facing our institution as we continue to keep our work and data secure. Please visit our blog at the link below for a complete archive of the content published in SECURED.

Contact Our Office

If you have questions or concerns about this update, please contact the Office of Information Security by emailing infosec@wustl.edu. As always, we appreciate your vigilance as we work together to keep WashU secure.