Dental AI guide
Treatment Plans: Stop The Spread
A staff-facing guide for controlling patient-identifiable treatment plans.
Your dental system protects patient information through access controls, audit logs and retention rules. The moment a treatment plan leaves that system — into email, a Word doc, a desktop PDF, public AI — none of that protection travels with it. Everything else (spread, overseas processing, breach exposure) is a downstream consequence of that first extraction.
No patient data required. Use these guides for practice workflow education, not patient-specific advice.
A treatment plan is patient health information, not just a quote.
Two privacy laws apply in NSW. As well as the Commonwealth Privacy Act 1988 and its Australian Privacy Principles (APPs), dental practices in NSW are also bound by the NSW Health Records and Information Privacy Act 2002 (HRIP Act) and its Health Privacy Principles (HPPs). Read the considerations here against both. General information, not legal advice.
Why this matters
A treatment plan can contain:
- Patient name and contact details
- Tooth numbers and symptoms
- Clinical context and diagnosis notes
- Proposed procedures
- X-rays or photos
- Costs and payment options
- Risks and alternatives
- Dentist recommendation
- Consent language
That makes it a patient-identifiable clinical and financial document — not ordinary sales copy.
The core risk: once it leaves the system, it's no longer protected
Your dental or practice-management system (PMS) was built to protect patient information. It enforces who can see what, records every access, applies retention rules, and limits how data moves. Those protections exist for a reason.
The moment a treatment plan is taken out of that system — copied into an email, pasted into ChatGPT, saved to the desktop as a PDF, opened in Word or Canva, synced to a personal cloud drive, or forwarded to a marketing tool — none of that protection travels with it. The file is now outside the boundary that was designed to keep it safe.
This is the core risk. Not the spread itself, not the overseas server, not the breach finding — those are all downstream consequences of the data leaving the protected system in the first place. The spread path in the next section shows exactly how it unfolds once extraction happens. The overseas-processing and APP 8 consideration later in this guide arises because external tools often sit on infrastructure the practice has no visibility over — and that is only possible if patient information has already left the system.
The principle in plain terms:
"You have a dental system for a reason — don't hijack information out of it. Keep patient information inside the protected system; the moment a workflow needs to take it out is the moment to stop and check."
Once it's out, it doesn't sit still — it multiplies
Extraction is not the end of the story. It is the start of a cycle. A treatment plan that leaves the system becomes a second copy with no controls on it — and that loose copy tends to breed more copies:
- It gets re-worked, then fed back to AI. The plan is pulled out, opened in Word to "make it warmer" or "more persuasive", then pasted into an AI tool to polish it — and the result is pasted back in again. Each round trip is another copy and another disclosure.
- An AI quietly reads the whole folder. An "AI assistant" or desktop tool that "reviews your Documents folder" or summarises your files will read every extracted plan sitting in Downloads or on the Desktop — including ones you forgot were there.
- A backup sweeps it up. That loose PDF on the desktop or in a personal cloud drive gets caught in an automatic backup — copied again, kept for years, and often stored overseas.
So one extraction becomes many copies, in many places you no longer control, persisting long after the original task is done. That is the engine behind every downstream risk in this guide. It is also why keeping the information inside the protected system matters: that is the one place where there is a single copy, with controls, that the practice can actually account for.
Also in the full guide
- How treatment plans spread
- The red / amber / green rule
- Do not
- Do
- File naming rules
- AI wording rule
- Treatment coordinator checklist
- Manager checklist
- Safer workflow
Optional — get a customised version
Request the version adapted for your practice
The guide above is free to read and download. If you would like a version tailored to your practice workflow, leave your details below. Use practice-level details only. Do not include patient names, treatment details, clinical notes, X-rays, invoices or identifiable emails.