Skip to main content

Is My Chat Data Leaked to OpenAI?

Learn how BastionGPT protects your data. As a HIPAA compliant AI platform, we use a secure version of ChatGPT for healthcare. Your chat history is never leaked to OpenAI or used for training, ensuring complete privacy for medical professionals.

J
Written by Josh Spencer

No, your chat data is never leaked to OpenAI. BastionGPT is built specifically as a secure, HIPAA compliant AI assistant designed from the ground up for the medical field. We utilize a private, enterprise-grade infrastructure that completely isolates your data.


BastionGPT does not share your inputs, prompts, or patient details with OpenAI or any other third parties for data mining. Furthermore, the information you enter into our healthcare AI platform is absolutely never used to train or develop future iterations of any artificial intelligence models.


This strict level of privacy is essential for medical professionals who require reliable AI clinical documentation tools. Whether you need an AI medical scribe to assist with patient encounters, a secure solution for AI mental health progress notes, or a general ChatGPT for healthcare tasks, BastionGPT ensures your sensitive data remains entirely protected.


Key privacy benefits for BastionGPT users include:

  • Zero Data Training: Your chat history is completely restricted and never feeds back into public AI models.

  • Complete HIPAA Compliance: We provide a secure environment tailored for doctors, nurses, and therapists who need dependable HIPAA compliant AI tools.

  • Safe Medical Documentation: Securely generate AI therapy notes, handle medical dictation, and manage medical charting without risking patient confidentiality.

By providing a truly HIPAA compliant ChatGPT experience, BastionGPT gives healthcare providers the confidence to leverage advanced AI in medicine and healthcare without compromising patient trust or violating privacy regulations.

Is BastionGPT part of ChatGPT or OpenAI?

No. BastionGPT is an independent product built by Bastion Intelligence. We are not part of OpenAI, and BastionGPT is not a version of ChatGPT.

If you are comparing options, we explain why consumer ChatGPT isn't HIPAA compliant on our blog.

Here is how it works: we license frontier AI models from OpenAI, Anthropic (Claude), and Google (Gemini), and we run them on secure infrastructure that operates independently of OpenAI's systems. Your prompts, documents, and patient details never run in OpenAI's data centers and are never stored on OpenAI's behalf. Model providers do not retain your data, so there is nothing for them to produce in response to a court order.

Running licensed models ourselves gives you two advantages:

  • Stronger security assurances. Because we control the environment where the models run, we can protect your data to healthcare standards, with greater separation than the model makers offer on their own platforms.

  • The best model for every task. Licensing from multiple companies means we can route each request to the model that currently performs best, and you are never locked in to a single AI vendor.

See which AI models power BastionGPT for the current lineup.

What about Google's models?

Google is the one exception: Google requires that its AI models run on Google hardware. For those models, your data is processed in a separate hardware enclave dedicated to healthcare data. That enclave is covered by our HIPAA agreements, has passed our security assessments, and holds your data only for the moments needed to process your request.

For a deeper look at how Google's models handle healthcare data, read Is Google Gemini HIPAA compliant?

Does the OpenAI-style API format mean my data goes to OpenAI?

No. We intentionally designed the BastionGPT API to feel familiar if you have worked with the OpenAI format, so connecting your application is straightforward. That familiarity is about the format only. Your requests go to BastionGPT's endpoint and run on our infrastructure, with the same protections described above. That includes no training on your data, ever.

For the complete picture of how BastionGPT protects your data, see our full security architecture.

Did this answer your question?