Public health runs on data. Disease reports. Lab results. Birth and death records. Case files. Notes about people in their hardest moments. People share this data with you because they have to, or because they trust you to protect it. Often both.
That trust is the job. It is also the risk.
AI can help a busy agency do more with less. It can sort records, draft reports, and answer staff questions in seconds. But there is a catch. Most AI tools work by sending your data somewhere else. For the public’s health data, that is a real problem. This post explains the problem in plain terms, and what to do about it.
The data you hold is some of the most guarded there is
A health agency holds more than medical files. You hold records that the law guards more tightly than almost any other kind.
Most patient data falls under HIPAA. That is the main federal health privacy law. It covers protected health information, or PHI. PHI is the private health facts about a person, like a diagnosis or a test result.
Some of your data is guarded even more closely. Records about drug and alcohol treatment fall under a separate rule called 42 CFR Part 2. In February 2024, the federal government finalized an update to this rule to line it up better with HIPAA, and agencies have had to follow the updated version since February 16, 2026. [1]
You also hold vital records, like birth and death certificates. And you often hold data from people who could not easily say no, such as during a disease investigation. That raises the stakes even higher. When the public has little choice but to share, the duty to protect grows.
Most AI tools send your data out the door
Here is how most AI tools work. The AI does not live on your computers. It lives on a company’s computers far away. People call this “the cloud.” The cloud is just someone else’s computer.
To use a cloud AI tool, you type in a request. That request travels over the internet to the company. If your request includes patient data, then that data leaves your network. Now it sits on a system you do not own or control.
Your staff may already be doing this. In one survey from early 2025, 57% of employees said they had typed confidential information into AI tools like ChatGPT. [2] Most did it to save time, not to cause harm. But the data still left the building.
And no, removing the name is not enough. HIPAA lists 18 kinds of details that can point to a person. A birth date. A ZIP code. A medical record number. Take out the name but leave the rest, and it is still PHI. [3] A case note with the name gone but the story intact is still protected.
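As an added example (not code from the original post or from Cognetryx), here is a minimal pre-send check in Python that scans a case note for the identifier classes a regular expression can catch before the text is allowed out to an external AI tool. The case note is constructed, the patterns are illustrative assumptions that approximate common US formats, and the check is deliberately narrow: it shows that taking out the name leaves PHI behind, not that regexes alone de-identify a record. Names, place names and free-text clues still need a person or a real de-identification service. It also shows Safe Harbor's ZIP rule, which allows keeping the first three digits only when that three-digit area holds more than 20,000 people.

```python
"""Added example, not from the original post: a minimal pre-send check that
flags HIPAA Safe Harbor identifiers in free text before it reaches an outside
AI tool. It covers only the identifier classes a regular expression can find."""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    category: str
    text: str
    start: int


# Illustrative patterns (assumptions approximating common US formats), keyed by
# the Safe Harbor identifier class each one approximates.
PATTERNS = {
    "date": re.compile(r"\b(?:\d{1,2}/\d{1,2}/\d{4}|\d{4}-\d{2}-\d{2})\b"),
    "phone": re.compile(r"\b\d{3}[-.\s]\d{3}[-.\s]\d{4}\b"),
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
    "mrn": re.compile(r"\bMRN[:\s#]*\d{5,}\b", re.IGNORECASE),
    "zip": re.compile(r"\b\d{5}(?:-\d{4})?\b"),
    # Safe Harbor: ages over 89 must be collapsed into a "90 or older" bucket.
    "age_over_89": re.compile(r"\b(?:9\d|1\d{2})(?=-year-old\b| years? old\b)"),
}


def scan(text: str) -> list[Finding]:
    """Return every identifier hit, in order of appearance."""
    hits = [
        Finding(cat, m.group(0), m.start())
        for cat, pat in PATTERNS.items()
        for m in pat.finditer(text)
    ]
    return sorted(hits, key=lambda f: f.start)


def is_safe_to_send(text: str) -> bool:
    """Gate for an outbound AI request: True only if nothing was flagged."""
    return not scan(text)


def redact(text: str) -> str:
    """Replace hits with category tokens. ZIPs keep their first three digits,
    which Safe Harbor permits only when that 3-digit area holds more than
    20,000 people (a census lookup this example assumes but does not do)."""
    for cat, pat in PATTERNS.items():
        if cat == "zip":
            text = pat.sub(lambda m: m.group(0)[:3] + "XX", text)
        else:
            text = pat.sub(f"[{cat.upper()}]", text)
    return text


# Constructed case note: the name is already gone, as the post describes.
CASE_NOTE = (
    "Patient [NAME REMOVED], DOB 04/12/1961, MRN 4481203, ZIP 02139. "
    "Reached at 555-867-5309 on 2025-03-02 re: positive TB screen; "
    "92-year-old household contact also tested."
)

if __name__ == "__main__":
    for f in scan(CASE_NOTE):
        print(f"{f.category:12} {f.text}")
    print("safe to send:", is_safe_to_send(CASE_NOTE))
    print(redact(CASE_NOTE))
    print("safe after redaction:", is_safe_to_send(redact(CASE_NOTE)))
```

Run against the constructed note, the scan still flags a date of birth, a medical record number, a ZIP code, a phone number, a second date and an age over 89, so the gate refuses to send it even though the name is gone. A real deployment would sit this kind of check in front of any outbound AI request and treat a hit as a stop, not a warning.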
For any AI tool, ask one plain question: does our data leave the building, or not? If it leaves, every privacy rule in this post applies to it. If it stays, most of them never come up. Where the data goes decides how hard the rest of the job will be.
The rules are getting stricter, not looser
Some agencies hope the rules will ease up. They are moving the other way.
In late December 2024, the federal government proposed the biggest update to the HIPAA Security Rule in 20 years; the proposed rule was published in the Federal Register on January 6, 2025. [4] Two things matter here. First, it is a proposal, not final law yet. The current administration will decide if and how it becomes final. Second, the direction is plain.
If the update passes as written, agencies would have to do more, not less. They would have to check each year that their vendors actually protect the data the right way. They would have to scramble, or encrypt, the data so outsiders cannot read it. They would have to add stronger logins. [5]
Every one of those jobs gets harder when your data sits on someone else’s system. You cannot easily check what you cannot see. When the data stays inside your own network, the yearly vendor checks fall away, because there is no outside party holding your data. Encryption and stronger logins still apply, but to systems you run and can inspect yourself.
A breach costs more than money
Public health only works if people trust you with their data. A breach breaks that trust. And breaches are common.
Health care was the top target for cyberattacks in 2025, according to the FBI. [6] In 2024, the health records of more than 276 million people in the United States were exposed in breaches. [7] That is most of the country.
Public agencies get hit too. In 2024, about a third of state and local governments were struck by ransomware. The average cost to recover was $2.83 million, more than double the year before. [8]
For an agency that is already stretched thin, one breach can undo years of community trust. Every copy of your data that lives outside your walls is one more door an attacker can try. The safest data is the data that never leaves your control.
You are asked to do more with less
Most health departments are short on people. A 2024 national survey found that local health departments would need about 54,000 more full-time staff to be fully staffed. That is a jump of 70%. [9]
This is exactly why AI is tempting. It can take routine work off your plate. So the real question is not whether to use AI. It is how to use it without adding new risk.
The field is already modernizing. Since 2020, the CDC has put more than $1 billion into upgrading state, tribal, local, and territorial public health data systems. [10] AI can fit that effort, as long as it is built the safe way.
A safer way: AI that stays inside your walls
There is another kind of AI. It is called private, or on-premises, AI. The idea is simple. The AI runs on computers you own, inside your own network. Your data never leaves.
With private AI, there is no trip to an outside company. There is no outside party holding your data, so no data vendor to check every year. There is no copy of your data sitting somewhere you cannot see. The privacy rules still apply to your own systems, but the hardest parts mostly disappear, because the data stays home.
Good private AI also shows its work. It answers using your own documents and points to where each answer came from. That way staff can trust what it says, and an auditor can follow the trail. The goal is not a clever chatbot. The goal is a tool you can stand behind.
Questions to ask before AI touches the public’s data
Before you let any AI tool near sensitive data, ask a few plain questions. Where does our data go when we use this? Who else can see it? Does the tool keep a copy, or learn from our data? Can we turn it off ourselves? And if an auditor asked tomorrow, could we show exactly what the tool did?
If the answers make you uneasy, that is your sign. The right tool makes these questions easy to answer. With AI that runs inside your own network, the answer to the first one is short and clear: the data goes nowhere. Do not take that on faith, though. Watch what the tool connects to from your own network and confirm the answer holds.
Not sure where your data goes today?
Cognetryx builds private AI that runs inside your own network, so the public’s data never leaves it. Our free AI Strategy Assessment helps public health and government teams see where their data goes now, and what a safer setup would look like.
Sources
- U.S. Department of Health & Human Services, “Fact Sheet: 42 CFR Part 2 Final Rule.” hhs.gov
- Tech Monitor, “57% of enterprise employees input confidential data into AI tools, survey reveals” (2025). techmonitor.ai
- U.S. Department of Health & Human Services, “Guidance on De-identification of Protected Health Information” (the 18 identifiers, 45 CFR §164.514). hhs.gov
- Federal Register, “HIPAA Security Rule To Strengthen the Cybersecurity of Electronic Protected Health Information” (proposed rule, published Jan. 6, 2025). federalregister.gov
- U.S. Department of Health & Human Services, “HIPAA Security Rule NPRM Fact Sheet.” hhs.gov
- American Hospital Association, “FBI: Health care was top target for ransomware, other cyberthreats in 2025” (2026). aha.org
- HIPAA Journal, “2024 Healthcare Data Breach Report” (276,775,457 records breached). hipaajournal.com
- Sophos, “The State of Ransomware in State and Local Government 2024.” sophos.com
- de Beaumont Foundation & ASTHO, “PH WINS 2024 Findings” (public health workforce needs). debeaumont.org
- CDC, “CDC Data Modernization Efforts Accelerate Nation’s Ability to Detect and Rapidly Respond to Health Threats” (2024). cdc.gov