AI & Data Security in Healthcare

Last year, I attended a fascinating AMA event featuring a tech founder whose product is a staple in our lives. I asked him what the next big movement in technology is going to be and he said:

“The next big wave since the advent of the internet will be Artificial Intelligence. AI will change everything. It will be in all of our devices and it will affect every aspect of our lives”.

Many articles about artificial intelligence in the field of medicine reflect this statement. Radiology Today talked about how AI is making a big impact and will soon revolutionize the way that radiology is carried out. According to Raym Geis, MD, FACR, a senior scientist at DSI and assistant clinical professor of radiology at the University of Colorado School of Medicine in Fort Collins, “AI can find patterns in data that humans cannot see. This applies to image data, nonimage data such as predicting patient no-shows, or improving workflow.” So, people are finding multiple reasons to incorporate this capability. AI in radiology studies provides an abundance of critical medical information and identifies issues that go unnoticed by the human eye. A secondary feature is the administrative insight that can help them run their practices more efficiently.

There are several companies developing AI technology that help clinicians diagnose cancer with significantly greater speed and accuracy. The software analyzes large amounts of patient data. The major concern for hospitals is — how well can we really secure that information? Protecting this data is a growing field in itself.

Clinical medical practices have been slower to adopt digital trends and applications due to concerns about data security. HIPAA law is very strict to protect patient confidentiality, as it should be. Many people are aware that connecting patient information to digital platforms can pose some serious security risks. It’s because of this liability that clinicians have been careful not to jump on apps or digital platforms as quickly as other industries. However, there are many who see the benefits of modern software and want to figure out a way to integrate useful platforms into their practices.

It’s not just electronic health records and imaging software that we have to be concerned about. It’s also the smaller devices and diagnostic tools that carry confidential patient data. Last year, Medtronic received FDA approval for the Minimed 770g insulin pump system with smartphone connectivity. It’s a wireless insulin pump that can be controlled using a smart phone interface. Caregivers will see the data remotely on their smartphones and get notifications when the levels are out of range. The data can also be shared with clinicians and educators. It’s important that for devices like this, the data and the communication between the medical device and the application are tightly secured.

The field of Artificial Intelligence and Machine Learning in healthcare is rapidly expanding. New ideas are constantly being researched and developed for medical IoT. Not only do these tools require a lot of patient data and medical history, but they directly affect a person’s health status. Those devices cannot be allowed to be compromised. So, the question is always about how safe those applications and devices are from a cyberattack. As product offerings grow, so must our ability to protect patient information and medical devices.

Researchers Forcier, Gallois, Mullan, and Joly illustrated the impact that AI is having on the healthcare field. In the Journal of Law and the Biosciences, they made the following observations about data and privacy:

“AI promises to lead the next major technological revolution, similar in stature to electricity and the internet.”

“AI has already led to improvements, particularly in areas such as precision medicine, diagnosis tools, psychological support, and help for the elderly. AI technologies generally require large amounts of both personal and non-personal data to function. In health care specifically, AI technologies rely on personal information, including health-related data extracted from medical files or research participants’ results. Promoting AI and capturing its benefits for the health care system yet depend, in large part, on procuring a convenient access to this sensitive data. Ensuring that privacy protections are in place appears essential, especially with individuals showing substantial concerns about sharing their data in the medical and clinical context.”

“In the United States (US), studies have shown that individuals’ willingness to participate in research involving their genetic data is affected by their concerns about their ability to protect their privacy in such context. Paradoxically, this lack of trust is counterbalanced by a growing popularity of direct-to-consumer genetic testing and health monitoring devices. These devices create massive flows of personal and health data, mostly to private companies. This ambivalent attitude of individuals toward data sharing is a major issue for any privacy and data protection regulation. Adequately assuring the right to privacy of citizens while facilitating access to personal data for research is probably one of the biggest challenges policymakers have to face in any country wishing to benefit from many opportunities of AI technologies in health care.”


Mélanie Bourassa Forcier, Hortense Gallois, Siobhan Mullan, and Yann Joly. “Integrating artificial intelligence into health care through data access: can the GDPR act as a beacon for policymakers?” Journal of Law and the Biosciences, vol. 6, Issue 1, Oct. 2019, Pages 317–335. Accessed 3/26/21.

Keith Loria. “Putting the AI in Radiology” Radiology Today, vol. 19, no. 1 P. 10. Accessed 3/26/21.

Software developer with a tech stack in Ruby, Rails, HTML, CSS, JavaScript, React, and Redux. Will code for coffee.