Market growth of AI
The application of AI in the healthcare sector is growing. The key factors contributing to AI’s growth in healthcare include: AI-based healthcare informatics due to large volume of patient data, a need to improve efficiency in hospital operations, and increase in the number of start-ups offering AI-based healthcare software.
Another contributing factor is the government’s support towards technology innovation in many countries such as India, Canada, US, Denmark, Hungary, China, Singapore, and many more. For example, India launched INDIAai platform in 2020, With an objective to improve collaboration among ecosystem players and spread awareness about AI across sectors. Large corporations such as Google, Microsoft, Apple and others are also developing AI based tools and software.
Commercial usage of AI, however, raises concerns around ethics and data privacy. There are numerous debates around commercialization of AI based tool such as GPT-3, which has more than scale of operations. As an example, a leading medical device manufacturer leverages AI to 175 billion parameters to base its automated decision on, but still raises question about data privacy and ethics.
Ethics and data privacy challenges become more pronounced in medical devices as it collects personal sensitive health information.
Growth of the AI market is attributed to investments by governments, as well as innovations happening in the private sector. However, AI poses significant challenges around ethics and data privacy that need to be addressed in near term.
Challenges in AI-based medical devices
Hospitals are using AI based devices for screening decision without human intervention. The algorithm provides physicians with the recommendation on the next steps after analyzing the patients. However, the greatest challenge in this field remains lack of trust and existence of privacy issues.
In AI-based devices/algorithm-based set-up, the patient’s consent becomes one of the leading challenges. It is challenging to understand the data flow because of unexpected correlations. A simple solution to this challenge is to work only on an anonymized dataset.
Data privacy and cybersecurity challenges also impact the big data/AI based devices. Some of the risks arising may be the result of lack of cybersecurity controls (access controls, encryption, logs), and lack of privacy controls (data minimization isn’t followed, lack of data segregation, unattended data such as individual’s preference capture due to corporate policies etc.)
While data privacy and cybersecurity challenges can be solved by implementing traditional controls, and following the regulatory guidelines, the challenges around reliable & trusted recommendation and algorithm biases are comparatively niche and hence difficult to solve. Automated decisions run “behind the scenes”, thus making it difficult to scrutinize. Thus, to minimize the biased outcomes, one must consider non-technical attributes of devices, in addition to the technical specifications and controls. Missing on either of the aspects may not help device manufacturers to solve this challenge. Other key success factor will be cooperation within industry to push for larger adoption of the AI-algorithm assessment for bias.
To overcome the data privacy and cybersecurity challenge, organizations in the healthcare sector must conduct a Data Privacy Impact Assessment (DPIA), along with assessment of the underlying algorithms for these medical devices, at the beginning of the project.
Wipro’s approach to address privacy challenges
Wipro recommends a risk-based approach to address privacy challenges. Such an approach must begin by asking a key question – why is DPIA needed in the given context? AI-based medical devices (or in general medical devices) collect and use personal data that has an impact on the privacy of individual,if mismanaged.
This becomes the key reason for carrying out a DPIA. Other reasons could be compliance requirements, building trust among stakeholders, and identifying and addressing the risks to the personal data of the patients
An approach to solve these challenges takes 5 steps, with emphasis on how well the data is being stored and managed by medical devices. It should begin by understanding and documenting the inherent features and specifications of medical devices, controls that are in place, and potential vulnerabilities that can be exploited in the light of prevalent threats.