Embedded Files
What are "third-party AI note-taking apps" and why are they a concern?
What are "third-party AI note-taking apps" and why are they a concern?
Third-party AI note-taking apps are software or services offered by companies outside of NKY Health's approved platforms such as read.ai or otter.ai. These apps generally join meetings as participants and will often post in the comments that they are present and recording. These apps use artificial intelligence to automatically record, transcribe, summarize, and analyze the content of virtual meetings. The concern stems from the potential risks they pose to the confidentiality, security, and integrity of our data.
What specific risks do these apps present to NKY Health?
What specific risks do these apps present to NKY Health?
Here are the primary risks:
Privacy Violations: Many of these apps store meeting data on external servers, which could expose sensitive information, including Protected Health Information (PHI) and Personally Identifiable Information (PII), to unauthorized access. This could violate HIPAA and state privacy laws.
Data Security Breaches: Using external services increases the risk of data breaches, as we have less control over their security measures.
Loss of Control: NKY Health loses control over the storage, processing, and dissemination of meeting content when using these apps.
Data Ownership: Some third-party apps may sell or share collected data with other entities for various purposes, including marketing or data analytics, further compromising the privacy of sensitive information.
Can't I just delete the notes after the meeting?
Can't I just delete the notes after the meeting?
Even if you delete the notes from your device, the third-party service may have already stored copies on their servers. This means we cannot guarantee the complete removal of sensitive information.
What about the built-in transcription features of some video conferencing platforms?
What about the built-in transcription features of some video conferencing platforms?
Built-in transcription features within Google Meet are permitted. However, third-party apps that are added to those platforms are still prohibited.
What is the difference between general 3rd party AI note taking, and the approved use of Gemini in Google Meet?
What is the difference between general 3rd party AI note taking, and the approved use of Gemini in Google Meet?
The IT department has the ability to enact security controls over Google Workspace and the data contained within. Because of this, the IT department can ensure data is handled in a secure and compliant manner. This level of control is not possible with 3rd party applications.
What should I do if I need to take detailed notes during a virtual meeting?
What should I do if I need to take detailed notes during a virtual meeting?
We recommend the following:
Take manual notes using approved note-taking applications on your NKY Health device.
Designate a staff member to take official meeting minutes.
The Google Gemini feature within Google Meet can be used for meetings hosted on Google Meet
What should I do if a third-party AI note-taking app joins a meeting I am hosting?
What should I do if a third-party AI note-taking app joins a meeting I am hosting?
If you notice a third-party AI note-taking app has joined a meeting you are hosting, you should:
Immediately remove the application from the meeting.
Clearly state to participants that the use of such applications is prohibited by NKY Health policy and that meeting notes can be provided if requested.
What should I do if I am uncomfortable with a participant's use of a third-party AI note-taking app during an external meeting that I am not hosting?
What should I do if I am uncomfortable with a participant's use of a third-party AI note-taking app during an external meeting that I am not hosting?
We recommend the following:
Raise your concern with the meeting facilitator or host.
If the facilitator does not address the issue and you are concerned about privacy or sensitive information being discussed, consider rescheduling the meeting in person or hosting the virtual meeting to allow better control over these apps.
If the above options are not possible, ensure that you are not sharing sensitive or confidential information during the meeting and report your concerns to your supervisor.
Are built-in recording or transcription features in platforms like Zoom or Microsoft Teams considered safe?
Are built-in recording or transcription features in platforms like Zoom or Microsoft Teams considered safe?
Generally, yes. Built-in recording and transcription features provided by the platform itself (e.g., Zoom's recording, Teams' transcription) are considered safer than third-party AI note-taking applications that join the meeting as a separate participant. The risk primarily comes from external apps that connect to the meeting as a user and send data to their own servers. However, it is always important to ensure that these built-in features are used in compliance with NKY Health policies, and only when all participants have been informed and consented.
How do I spot a third-party note-taking app?
How do I spot a third-party note-taking app?
These applications often appear as participants in meetings, with names like 'Note-taking App', 'John's Otter.ai,' or simply the platform's name. They frequently announce their presence with a message indicating they are recording, sometimes providing an option to opt-out. To identify these apps, carefully review the participant list for unfamiliar or uninvited attendees.
Who can I contact if I have further questions?
Who can I contact if I have further questions?
Please contact the IT Help Desk, helpdesk@nkyhealth.org, with any questions or concerns regarding this policy.
Page updated
Report abuse