Microsoft Taps 50,000+ Providers for New AI Health Service
Microsoft unveiled Copilot Health on Thursday, a new feature within its Copilot application designed to act as a personalized AI health concierge. The service allows U.S. users to import their medical histories, lab results, and real-time biometric data to receive AI-driven health advice. The platform's significant scale is enabled by its integration with over 50,000 U.S. hospitals and provider organizations through the vendor HealthEx, as well as connections to more than 50 wearable devices, including Apple Watch, Oura, and Fitbit.
According to Microsoft AI CEO Mustafa Suleyman, the launch aims to drive user engagement for the main Copilot app, which competes with OpenAI's ChatGPT and Google's Gemini. The company noted that health is already the most-asked question category on its mobile app. Copilot Health is launching with a waitlist in a phased U.S. rollout, and Microsoft plans to eventually charge for the premium service.
Strategy Focuses on Data Aggregation Over Diagnosis
Microsoft's strategy is not to replace doctors but to become the central intelligence layer for fragmented health data. By aggregating information from wearables, electronic health records (EHRs), and lab results, the tool aims to provide users with a coherent narrative of their health history. The service is designed to help users understand their data, such as deciphering lab results or finding in-network medical providers, rather than providing formal diagnoses or treatment plans.
"It’s something that Microsoft is uniquely placed to do with our scale, with our regulatory experience, with the kind of trust and confidence that people have in our security."
— Mustafa Suleyman, CEO of Microsoft AI.
Navigating Privacy Minefield Without HIPAA Compliance
To address significant privacy concerns, Microsoft states that Copilot Health operates in a "separate, secure space" isolated from the general Copilot. All user health data is encrypted, will not be used for training AI models, and can be deleted by the user at any time. The company has secured an ISO/IEC 42001 certification for its AI management systems to signal its commitment to security.
However, Microsoft executives confirmed the direct-to-consumer service is not required to be compliant with the Health Insurance Portability and Accountability Act (HIPAA), a key federal law governing patient data protection. While competitors like OpenAI and Amazon offer HIPAA-ready versions of their health AI for enterprise clients, Microsoft's consumer-facing tool operates outside this framework. Company officials stated they are working toward implementing "HIPAA controls" in the future but did not provide a specific timeline, a detail that will be closely watched by regulators and privacy advocates.