The importance of data security in AI-driven healthcare
The COVID-19 pandemic is said to have accelerated the healthcare space into the phase dubbed ‘Health 4.0’ – a data-driven healthcare reality empowered by artificial intelligence (AI), machine learning (ML) and robotic technologies. Alongside increased potential to reimagine patient outcomes and clinician capabilities, this revolution has made way for considerable concerns surrounding data use, security and privacy.
This reservation stems from the rapid healthcare transformation of recent years. Even well before the virus, health records were being widely digitised, virtual consultations were becoming normalised and the potential of data-driven technologies was slowly being realised. It has simply become clearer that high-quality, accessible healthcare data is the currency enabling it all.
But at what risk? As described by Cameron F. Kennedy in a Brookings Institution report discussing the concerns of next-gen technologies: “[they] use personal information in ways that can intrude on privacy interests by raising analysis of personal information to new levels of power and speed”. He states that to avoid widespread data breaches, this information must be ethically governed and secured.
Read on to explore the importance of data security and the difficult balance between data sharing and protection in the AI-led world of Health 4.0. Then, discover platforms such as Datarwe’s Clinical Data Nexus (CDN) and initiatives like IntelliHQ’s National AI in Healthcare Datathon that are paving the way for ethical, data-led healthcare.
A healthcare revolution reliant on shared data
Shared healthcare data undoubtedly fuels the tech-led reality of Health 4.0. Whether it’s in the form of electronic health records, clinical results, patient demographics, patient-generated data or research findings, health datasets provide the real-world groundwork from which medical advances blossom.
For example, electronic health records are constantly being shared between information depots, health agencies and the patients in everyday healthcare settings to allow efficient and personalised care. These records can disclose health data covering single patients to entire populations. Beyond the doctor’s office, this data is also steadily being utilised in the training of AI and ML technologies, allowing their capabilities to be expanded by authentic health snapshots of society.
To share this information ethically and securely, data repositories require a complex level of data protection that ensures sensitive patient data is not inappropriately used, disclosed, accessed, altered or deleted.
Without steadfast data security measures, databanks hosting sensitive patient data are at significant risk of security breaches and mishandling. They’re a prime target for cyberattackers monetising data, organising scams or holding data to ransom. In fact, according to data collected from the U.S. Department of Health and Human Services in 2021, the number of individuals affected by healthcare cybersecurity breaches has more than tripled since pre-pandemic levels.
This exposes a pressing need for the healthcare industry to rethink its data handling in line with its rapidly increasing reliance on patient data, ensuring that advances in patient care and medical research do not come at the expense of data privacy and security.
Ethical approaches to data handling for healthcare AI
AI and other next-gen technologies within the healthcare space are shaped heavily by patient data. They’re commonly ‘trained’ on this sensitive information, building capabilities as directed by critical health data.
In recent years, it has been difficult to strike a balance between data security, data access and patient privacy in the development of such Health 4.0 technologies and solutions. However, there are several methods of data collection, use, security and access that can ethically bridge the gap. These include:
- Ensuring patient consent
- Emphasising data risk management training
- Encrypting data in storage
- Using end-to-end encryption during data sharing
- Implementing multi-factor authentication for data use
- Administering role-based access control
- Employing a virtual private network (VPN) when data is accessed
- Following patient data regulations
- Conducting ongoing risk assessments
- Monitoring for suspicious activity
- De-identifying patient data
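To make one of these measures concrete, the sketch below illustrates role-based access control in miniature. It is a hypothetical example only; the roles, permissions and record identifiers are illustrative and not drawn from Datarwe’s platform or any real system.

```python
# Hypothetical sketch of role-based access control (RBAC) for a
# clinical data store. Roles, permissions and record IDs are
# illustrative, not taken from any real platform.

# Map each role to the set of operations it may perform.
ROLE_PERMISSIONS = {
    "clinician": {"read", "write"},
    "researcher": {"read"},          # e.g. de-identified data only
    "administrator": {"read", "write", "delete"},
}

def is_authorised(role: str, action: str) -> bool:
    """Return True if the given role may perform the action."""
    return action in ROLE_PERMISSIONS.get(role, set())

def access_record(role: str, action: str, record_id: str) -> str:
    """Gate every record operation behind an authorisation check."""
    if not is_authorised(role, action):
        raise PermissionError(f"Role '{role}' may not '{action}' records")
    return f"{action} permitted on record {record_id} for role '{role}'"

# A researcher can read a record but cannot delete it.
print(access_record("researcher", "read", "P-1042"))
try:
    access_record("researcher", "delete", "P-1042")
except PermissionError as err:
    print(err)
```

In practice, checks like this sit inside the data platform itself, so that every query, export or deletion is evaluated against the requester’s role before any data moves.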
In particular, de-identified healthcare data has empowered a number of contemporary advances in the research realm. Most recently, IntelliHQ’s 2022 National AI in Healthcare Datathon saw a Melbourne-based team develop a data-analysing decision tool able to determine whether continued blood testing is necessary.
They employed Datarwe’s CDN platform to analyse MIT Critical Data’s MIMIC IV dataset – an expansive collection of de-identified critical care data. For this dataset, the de-identification process involved patient identifiers being replaced with random ciphers, meaning identities, hospitalisations and ICU information became mere integers. Dates and times were also shifted randomly into the future.
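The de-identification approach described above can be sketched as follows. This is a simplified, hypothetical illustration, not the actual MIMIC IV pipeline: patient identifiers are replaced with random surrogate integers, and each patient’s dates are shifted by a consistent random offset into the future so that intervals between events are preserved. Field names are assumed for the example.

```python
# Hypothetical sketch of de-identification: identifiers become random
# integers and dates shift forward by a random per-patient offset.
# Field names are illustrative; this is not the real MIMIC-IV process.
import random
from datetime import datetime, timedelta

def deidentify(records, seed=None):
    rng = random.Random(seed)
    id_map = {}    # original identifier -> random surrogate integer
    offsets = {}   # per-patient random forward date shift
    out = []
    for rec in records:
        pid = rec["patient_id"]
        if pid not in id_map:
            id_map[pid] = rng.randrange(10**6, 10**7)  # 7-digit cipher
            offsets[pid] = timedelta(days=rng.randrange(365, 365 * 100))
        out.append({
            "patient_id": id_map[pid],                   # identity becomes a mere integer
            "admitted": rec["admitted"] + offsets[pid],  # shifted into the future
            "lab_result": rec["lab_result"],             # clinical value unchanged
        })
    return out

records = [
    {"patient_id": "MRN-001", "admitted": datetime(2021, 3, 4), "lab_result": 7.2},
    {"patient_id": "MRN-001", "admitted": datetime(2021, 3, 6), "lab_result": 6.8},
]
clean = deidentify(records, seed=42)
# The same patient keeps the same surrogate ID and offset, so the
# two-day gap between admissions is preserved for research use.
```

Because the offset is constant per patient, researchers can still study the timing between clinical events without ever seeing a real date or identity.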
Datarwe’s CDN platform securely hosts the MIMIC IV dataset and other research-ready, clinical data alongside an advanced suite of data visualisation and modelling tools. Dr Kelvin Ross, CTO of Datarwe, says it empowers approved players along the healthcare pipeline to ethically identify and act on an incredible wealth of secure information.
“The CDN platform provides a secure environment for hospitals and health organisations to share their transformational data with the right people,” says Dr Ross. “It opens a protected two-way conversation between approved researchers and data-sharers, encouraging beneficial insights to be fed back into and actioned within healthcare settings.”
Dr Ross stresses that at every CDN touchpoint, privacy, security and holistic governance are top priorities. Data sharing remains under the control of data custodians at all stages of its lifecycle, with all data implementation compliant with legislative healthcare privacy requirements.
“Advanced cloud technology allows Datarwe to share data with approved audiences efficiently and securely,” continues Dr Ross. “We use the latest security models to host data within sovereign areas and implement accredited security controls to ensure all data is locked down and managed.
“Encrypted data, access rules and an impermeable hosting environment are all part of that puzzle. The data ecosystem is also regularly audited to ensure its security is never compromised.”
Datarwe’s CDN platform demonstrates an ethical bridging of the data access and protection gap. It illuminates the future research possibilities of secure patient data and its place in the world of Health 4.0.
Setting the groundwork for a secure, data-led future of healthcare
IntelliHQ’s AI in Healthcare Datathon sits alongside a comprehensive AI in Healthcare Training Program. Together, they’re designed to position today and tomorrow’s healthcare leaders, researchers, clinicians, technologists and data scientists at the forefront of an ethical healthcare revolution.
Participants dive deep into data governance, collection, use, storage, privacy, security and quality at all levels of the modern healthcare sphere, all while building translational skills that empower their use of data-led technologies in their space.
“The future of AI and other data-driven technologies in the healthcare sphere looks phenomenal on paper”, says IntelliHQ Director, Steve Woodyat. “Truthfully, it is, but it’s not without its teething problems.
“We’ve developed the AI in Healthcare Training Program and Datathon to develop, through education, training, exposure and ethical acknowledgment, how we can work through them together without sacrificing the wants and needs of the wider community. Data privacy and security is at the forefront of it all.”