FirmAdapt is an AI-powered business diagnostics platform that audits companies to expose operational inefficiencies and broken processes. We then deploy custom AI agents, robotic process automation, and engineered solutions to fix the problems we find. Our diagnostic tools include company audits, website audits, competitive intelligence, and faith-based compliance screening.

Does FirmAdapt have a free API?

Yes, FirmAdapt offers free open API endpoints that require no authentication. AI agents and developers can make up to 10 requests per week without signing up. The API supports company profile lookups, faith-based compliance screening, and stock searches across 12 global markets.

What is faith-based stock screening?

Faith-based stock screening analyzes a company's financial ratios and business activities to determine compliance with religious investment guidelines. FirmAdapt supports 9 frameworks including Shariah (AAOIFI, S&P), Christian (BRI), Catholic (USCCB), Jewish (Halakhic), LDS/Mormon, ESG Religious, and Evangelical standards.

Can AI agents use FirmAdapt?

Yes, FirmAdapt is designed for native AI agent integration. It provides an MCP (Model Context Protocol) server for Claude Desktop, Cursor, and other AI tools. AI agents can access company profiles, run faith-based compliance screens, and search stocks across 12 global markets using free open endpoints with no API key required.

What markets does FirmAdapt support?

FirmAdapt supports 12 global markets: US (NYSE/NASDAQ), UK (London Stock Exchange), Germany (XETRA), France (Euronext Paris), Japan (Tokyo Stock Exchange), India (NSE/BSE), Saudi Arabia (Tadawul), UAE (Dubai/Abu Dhabi), Malaysia (Bursa), Indonesia (IDX), Canada (TSX), and Australia (ASX).

Back to Blog

AI complianceregulatoryhealthcareHIPAAPHI

Public LLM Memory Features and Why Your HIPAA Officer Should Be Worried

By Basel IsmailMay 2, 2026

Public LLM Memory Features and Why Your HIPAA Officer Should Be Worried

OpenAI rolled out persistent memory for ChatGPT in early 2024. The feature lets the model remember details across conversations, building a running profile of who you are, what you work on, and what you've told it. Google's Gemini has similar capabilities in development. Anthropic is exploring comparable approaches. The pitch is convenience: your AI assistant remembers your preferences, your projects, your context, so you don't have to repeat yourself every session.

If you work in healthcare, this should make you deeply uncomfortable.

How Memory Actually Works

When ChatGPT's memory feature is enabled, the model extracts facts from your conversations and stores them in a persistent layer tied to your account. These memories persist indefinitely unless you manually delete them. They inform future responses across all new conversations. OpenAI's documentation confirms that memories are stored on their servers, processed by their systems, and used to shape model behavior going forward.

This is not ephemeral processing. This is retention. And under HIPAA, retention is where things get legally serious.

The Single Careless Prompt Problem

Consider a realistic scenario. A care coordinator is using ChatGPT to draft a prior authorization appeal. They paste in some clinical notes to get help with the language. The prompt includes a patient name, a diagnosis code, a treating physician, and a medication. With memory enabled, ChatGPT may extract and store some of those details as "memories" associated with that user's account.

Now that information lives on OpenAI's infrastructure. It may surface in future conversations. It may be referenced weeks later when the model tries to be helpful by recalling context. A single prompt has created a persistent, uncontrolled copy of protected health information sitting on a third-party server with no BAA in place.

Under 45 CFR 164.502(a), a covered entity may not use or disclose PHI except as permitted by the Privacy Rule. Pasting PHI into a public LLM with memory features enabled is a disclosure to a third party. OpenAI's standard terms of service for ChatGPT consumer and Plus accounts do not constitute a Business Associate Agreement. OpenAI does offer a BAA for its Enterprise and API products, but the vast majority of individual users at healthcare organizations are not on those tiers.

It Gets Worse With Aggregation

Memory features compound the risk over time. A single prompt with a patient's name might be borderline. But memory accumulates. Over weeks of use, a clinician or administrator might feed the model dozens of data points across separate conversations. The model stitches these together. What starts as fragments becomes a rich, identifiable patient profile stored on servers you do not control, under terms you did not negotiate, with no audit trail your compliance team can access.

The HIPAA minimum necessary standard under 45 CFR 164.502(b) requires covered entities to make reasonable efforts to limit PHI disclosures to the minimum necessary for the purpose. Memory features do the opposite. They maximize retention by design. Every piece of context the model can hold onto, it will.

The Breach Notification Question

Here is where your HIPAA officer really needs to pay attention. If PHI ends up stored in ChatGPT's memory, you likely have an unauthorized disclosure under 45 CFR 164.402. The Breach Notification Rule requires covered entities to notify affected individuals, HHS, and in some cases the media, for breaches affecting 500 or more individuals.

The penalties are not theoretical. In 2023, HHS OCR settled with Lafourche Medical Group for $480,000 over a phishing breach that compromised roughly 34,000 records. Banner Health paid $1.25 million in 2023 for a breach affecting nearly 3 million individuals. These cases involved external attackers. An employee voluntarily sending PHI to a public AI service is arguably a more straightforward violation, because the disclosure was intentional even if the compliance implications were not understood.

OCR has not yet brought an enforcement action specifically targeting LLM use, but the legal framework does not require a new rule. The existing Privacy Rule, Security Rule, and Breach Notification Rule cover this squarely. PHI disclosed to an entity without a BAA is an impermissible disclosure. The fact that the receiving entity is an AI platform rather than a fax machine or a cloud storage provider changes nothing about the analysis.

Why Policies Alone Will Not Fix This

Most healthcare organizations have already added language to their acceptable use policies prohibiting the entry of PHI into public AI tools. That is a necessary step, but it is not sufficient. Memory features make the consequences of a single policy violation dramatically worse than they were with stateless AI interactions.

In a stateless model, if someone pastes PHI into a prompt, the information is processed and (according to the provider's representations) not retained after the session. Bad, but bounded. With memory enabled, that same mistake creates a persistent record. The user may not even realize the model has "remembered" the PHI. There is no notification, no flag, no obvious indicator that sensitive data has been extracted into long-term storage.

Training alone does not solve this either. Research from Stanford's HAI group published in 2023 found that even after specific AI-related compliance training, approximately 20% of employees in regulated industries continued to use unauthorized AI tools for work tasks. The convenience factor overwhelms the policy awareness. People will use the tool that makes their job easier, especially when the compliance risk is invisible to them in the moment.

Technical Controls Are the Only Reliable Mitigation

You need controls that operate at the infrastructure level, not the policy level. Specifically:

Network-level blocking of consumer AI endpoints on corporate and clinical networks. This is blunt but effective as a baseline.
DLP integration that can detect PHI patterns in outbound web traffic, including to AI services. Modern DLP tools can flag MRN formats, diagnosis codes, and name-plus-DOB combinations.
Approved AI environments that operate under a BAA, with memory and training on user inputs disabled, and with audit logging that your compliance team can actually review.
Session isolation ensuring that each AI interaction is stateless by architecture, not just by policy or provider promise.

The goal is to make the compliant path the easy path, and the non-compliant path technically difficult.

How FirmAdapt Addresses This

FirmAdapt was built around the assumption that regulated organizations need AI capabilities without the compliance exposure that comes with public LLM platforms. The architecture enforces session isolation by default, meaning no persistent memory, no cross-conversation context retention, and no training on user inputs. All processing occurs within environments that support BAA execution, and every interaction is logged in an audit trail accessible to your compliance and legal teams.

For healthcare organizations specifically, FirmAdapt provides the productivity benefits of large language models while maintaining the technical controls that HIPAA's Security Rule and Privacy Rule require. Rather than relying on employees to remember not to use memory features on consumer platforms, FirmAdapt removes the risk architecturally. The compliant behavior is the only available behavior, which is the only approach that holds up at scale.

Ready to uncover operational inefficiencies and learn how to fix them with AI?

Try FirmAdapt free with 10 analysis credits. No credit card required.

Get Started Free