AI in healthcare: The real risk is shadow use
The question is no longer whether AI is used in healthcare, but where. When staff turn to public tools, shadow use emerges — with uncontrollable risks for data protection and professional secrecy.

Artificial intelligence has arrived in everyday work. In hospitals, clinics, practices, and other healthcare organisations, the benefits are obvious: texts can be summarised faster, internal correspondence prepared, information structured, medical-administrative language simplified, or checklists created.
The real question is therefore no longer whether AI is used in healthcare. The more important question is: where and under what conditions is it used?
When staff lack a suitable alternative and turn to public AI tools, shadow use emerges that is difficult for healthcare organisations to control. Confidential medical content, internal documents, patient information, insurance enquiries, or quality documentation do not belong in unclear data flows. In healthcare, good answers alone are not enough. What is needed is an environment where AI can be used productively without neglecting data protection, professional secrecy, and organisational responsibility.
The problem is not AI, but uncontrolled AI use
Many staff immediately see where generative AI can help in everyday work. A long report needs summarising. An internal email needs to be phrased appropriately. A document should become a checklist. A complex text should be made clearer. For such tasks, AI is practical.
But when public AI services are used for this, central questions often remain open: where are inputs processed? What data is stored? Who can access content? Are inputs used for model improvement? Which sub-processors are involved? Is there a data processing agreement? Are technical and organisational measures documented?
For healthcare organisations, these are not minor details. They concern data protection, professional secrecy, internal governance, and the trust of patients, staff, and partners.
A blanket ban on public AI tools usually does not solve the problem in the long term. When the practical benefit is large, staff find workarounds. A more sensible approach is controlled access: AI use is enabled, but within a framework designed, legally secured, and organisationally governed for that purpose.
That is exactly where SecureChat by DeepMed comes in: as a confidential AI assistant for healthcare organisations in Switzerland.
What is SecureChat?
SecureChat is an AI assistant for confidential text and document work in healthcare. The solution supports hospitals, clinics, practices, and other healthcare organisations in tasks where generative AI is useful, without automating medical decisions.
Typical applications include summaries, internal drafts, linguistic revisions, structuring, checklists, tables, templates, and organisation-specific assistants for recurring administrative tasks.
SecureChat is designed as a controlled AI workspace for organisations that want to give their staff access to the benefits of generative AI without resorting to public tools.
What SecureChat can do
In everyday work, SecureChat supports wherever confidential texts, documents, and information need to be processed. This includes, for example:
- Summaries of documents, minutes, reports, or internal materials
- Drafts for emails, correspondence, templates, or organisational information
- Simplification of medical-administrative language
- Structuring of information into lists, tables, or checklists
- Preparation of materials for quality management, administration, or internal clinical workflows
- Support through organisation-specific AI assistants for recurring tasks
The benefit lies in reducing routine work, making texts faster to process, and preparing information in a more structured way.
A clear boundary: no diagnosis, therapy, or triage
SecureChat is not a system for diagnosis, therapy, triage, prognosis, or medical decision-making. The solution is not intended to replace medical assessment or automatically generate treatment recommendations.
It supports text work, structuring, summarisation, and preparation of content. Results must be reviewed, corrected, and approved by the responsible professionals. Professional and medical responsibility remains with humans.
This boundary matters because AI in healthcare must not quietly shift from a work aid to a decision system. It must be clear what a solution is used for — and what it is not.
Data protection and confidentiality as the foundation
SecureChat was developed for confidential work contexts. Customer data is not used for training AI models. For healthcare organisations, this is a central point, because confidential content must not become part of third-party training processes.
A professional AI solution needs more than a promise. For use in healthcare organisations, DeepMed provides the legal and organisational foundations required for controlled use. These include in particular a data processing agreement, documented technical and organisational measures (TOM), and a sub-processor list.
Healthcare organisations can then explain internally that they use AI — and also demonstrate to external parties under what conditions they use it, what roles exist, what data processing is intended, and which service providers are involved.
Why a secure alternative to public AI tools is needed
Public AI tools are easy to access. That is both their strength and their risk. In a private context, a quick answer may be enough. In a clinic, practice, or healthcare organisation, more must be clarified.
Anyone working with confidential documents needs controlled data flows. Anyone enabling staff to use AI needs clear rules. Anyone processing sensitive content needs contracts, TOM, sub-processor transparency, and a clean definition of permitted use.
SecureChat offers a pragmatic path. Organisations do not have to ban AI outright or push staff towards unsafe workarounds. Instead, they gain a protected workspace for precisely those tasks where generative AI can help in everyday work.
More than chat: an entry point into controlled AI workflows
SecureChat is deliberately low-threshold. Staff should be able to use AI for everyday text and document tasks without a long onboarding process. At the same time, SecureChat is part of a broader DeepMed logic.
DeepMed develops ReportWriter as an AI solution for regulated professional processes: with structured inputs, controlled templates, organisation-specific assistants, traceable processing steps, and a clear separation between AI support and professional responsibility.
SecureChat can serve as an entry point. For recurring processes, specific assistants, report templates, structured input masks, or professional workflows can emerge from it. Where a simple chat is no longer enough, ReportWriter allows processes to be guided, reviewed, and documented more precisely.
Who SecureChat is for
SecureChat is aimed at healthcare organisations that want to use generative AI productively without neglecting data protection and confidentiality. This includes hospitals, clinics, practices, medical care centres, therapeutic institutions, administrative departments, quality management, research teams, and other organisations with confidential health data or sensitive internal documents.
SecureChat is especially useful where informal AI use is already happening or foreseeable. In such situations, a controlled solution creates clarity: staff receive a suitable tool, while the organisation can better govern compliance, data protection, and purpose boundaries.
Conclusion
Generative AI will continue to gain importance in healthcare. The decisive question is not whether it is used, but whether it is used in a controlled way.
SecureChat by DeepMed offers healthcare organisations a confidential AI assistant for texts, documents, and administrative routine tasks. The solution provides a secure alternative to public AI tools, establishes important contractual and organisational foundations, and clearly defines what AI is used for: support, not medical decision-making.
For hospitals, clinics, and practices, this is a pragmatic way to make AI usable in everyday work without losing sight of data protection, professional secrecy, and professional responsibility.
Want to see DeepMed in action?
More articles
Human-in-the-loop is not a checkbox: How professional responsibility is truly preserved
A sign-off click is not control. Why human-in-the-loop in medical and expert-reporting processes needs more than a button at the end — and how DeepMed ReportWriter embeds professional responsibility in the workflow.
Read articleAmbient AI Scribes in Clinical Documentation: Insights from npj Digital Medicine
A new npj Digital Medicine perspective on scaling ambient AI scribes — and how DeepMed ReportWriter helps turn transcription into responsible, structured clinical documentation.
Read article