Aaron Maguregui Highlights Legal Considerations for AI in Health Care

Foley & Lardner LLP partner Aaron Maguregui was a featured guest on The Hospital Finance Podcast to share insights on HIPAA compliance and AI solutions, particularly surrounding the implementation of AI scribes in health care settings.

Maguregui said that while HIPAA forms the baseline for data privacy, state laws such as the California Consumer Privacy Act and Texas’ new privacy law are introducing additional regulatory complexity.

“The contract is really the first place to protect your organization,” Maguregui said of how CFOs can evaluate AI scribe vendor agreements. “You really shouldn’t start any type of work or any type of engagement without really getting a contract into place.” He emphasized the importance of clear data rights provisions and addressing indemnification, liability caps, and cyber insurance and cautioned companies on potential liability under the False Claims Act when AI-generated documentation is used for billing.

Maguregui pointed to routine auditing and maintaining a “human-in-the-loop” process as crucial to managing fraud and abuse risks and said CFOs should engage legal teams early to understand compliance and governance considerations.

“Having a strong risk management framework and understanding what your product does and how your product uses and discloses data will go a long way into understanding what your regulatory requirements are,” Maguregui added.

The full podcast episode is also available on major platforms, including Apple Podcasts and Spotify.