What does Anthropic do with our data?

Detailed Analysis

A Reddit user identifying as an IT professional raises a pointed and practically important question about Anthropic's data handling practices, prompted by a conversation with a healthcare colleague who asked whether entering patient personal information into Claude poses a compliance or privacy risk. The question, while posed casually over a lunch break, cuts to the heart of a serious and growing concern in enterprise and regulated-industry AI adoption: what happens to data once it is submitted to a large language model, and who bears responsibility for ensuring that sensitive information is protected.

From a regulatory standpoint, the answer to the healthcare professional's question is almost certainly yes — entering patient personal information into Claude without appropriate safeguards is a significant problem. In the United States, the Health Insurance Portability and Accountability Act (HIPAA) imposes strict rules on the handling of Protected Health Information (PHI). Using a third-party AI tool to process PHI generally requires that the vendor sign a Business Associate Agreement (BAA), which formally obligates the vendor to protect the data according to HIPAA standards. Anthropic does offer a BAA under its enterprise tier, but this is not available to standard consumer or professional users of Claude.ai. Without such an agreement in place, any transmission of PHI to Claude constitutes a potential HIPAA violation, regardless of whether the data is actually misused. Similar frameworks exist in the EU under GDPR and in other jurisdictions, making this a global concern, not merely an American one.

Anthropic's stated data practices vary significantly depending on which product tier a user is on. For free and standard paid plans, Anthropic has historically reserved the right to use conversation data to improve its models, though users can opt out through privacy settings. Enterprise customers receive stronger contractual protections, including data isolation and the option to prevent their inputs from being used for training. This tiered privacy structure is common across AI providers but creates a meaningful information asymmetry: casual or uninformed users — like the healthcare professional in question — may be unaware that their default settings provide substantially weaker protections than those available to enterprise customers. This gap is particularly dangerous in regulated industries where the stakes of a data exposure are legal and financial, not merely reputational.

The question reflects a broader tension in the rapid adoption of generative AI tools across professional sectors. Healthcare, legal, financial, and other regulated industries are increasingly drawn to the productivity gains AI offers, but many individual practitioners are deploying consumer-grade tools without guidance from their organizations' legal or compliance teams. The IT professional's instinct that this "is a problem" reflects sound judgment, and the exchange illustrates how often these decisions get made informally — on a bench at lunch — rather than through structured risk assessment. As AI tools become more embedded in daily workflows, the gap between technical capability and regulatory literacy among end users represents one of the most pressing challenges for both AI companies and the institutions that employ their tools.