Healthcare is one of the industries that stands at the forefront of reaping dramatic and demonstrable benefits from the increased use of artificial intelligence. AI offers real potential to save lives and significantly improve quality of life for individuals all over the world, empowering major advances in research, drug development, detection, prevention, diagnosis, clinical trials, digital imaging and patient care. The list goes on.
In 2017, venture capital investment in AI for healthcare totaled nearly $1.3 billion across 103 deals, according to research from KPMG. And, while the final numbers haven’t yet been tallied for 2018, the rate of investments in 2018 were well on pace to match and even exceed those totals.
Those investments are being fueled by the promise of industrywide innovation and heady predictions of explosive market growth. According to Accenture, the healthcare AI market is growing at an annual average rate of 40% a year and will top $6.5. billion by 2021. What’s more, AI in healthcare will create potential annual savings of $150 billion for the U.S. healthcare economy alone by 2026, Accenture adds.
Addressing Data Privacy and Cybersecurity
There is a catch, however, to making all of these investments pay off and enabling patients and clinicians to truly reap the vast benefits of artificial intelligence in healthcare. To be maximally effective, AI systems need access to the voluminous and valuable data created and stored in electronic health record systems. And right now, there are still too many legitimate concerns about data privacy and cybersecurity that must be addressed.
“Healthcare records are extremely lucrative on the dark web,” says Sean Duca, Vice President, Regional Chief Security Officer, Asia Pacific and Japan, for Palo Alto Networks. “They provide a whole range of information valuable to cybercriminals. And, unfortunately, over the past few months, we’ve seen that public records have been breached.”
The threat of data breaches can limit the value of AI if clinicians and patients are afraid to share their data. Australia provides a compelling case study. The country is trying to get all citizens to participate in a national My Health Record initiative. However, more than 1.1 million people have opted out of the program as of October and there have been calls to delay the rollout even further because of an increase in the number of breaches. In fiscal 2018, the system experienced 42 data breaches.
“Healthcare has to be treated as critical infrastructure, the same as energy,” Duca says. “It has to be protected at higher levels. One of the challenges is that healthcare information is always on. People are hooked up to machines and these machines are constantly creating new data, often through the Internet of Things.”
Tackling the Problem
The growth of artificial intelligence and the Healthcare Internet of Things increases the attack surface exponentially. This puts more pressure on organizations to protect the data from theft, as well as securing the integrity of the data so it is protected from manipulation. Also, since more people are dependent on digitally connected devices, healthcare organizations must ensure always-on availability.
Duca suggests several steps organizations can take now to improve the security of health records so that patients and practitioners can feel safer in using and accessing artificial intelligence. These include:
- Design your systems and devices with security from the outset, not as an add-on.
- Ensure you are using modern solutions that rely on automation to fight machines with machines.
- Recognize that the attack surface is much broader than ever before, so upgrade all of your endpoints and access points with current security technologies.
- Make sure your wireless access points are encrypted, with data encrypted at rest and in transit.
- Utilize integrated threat intelligence and reduce your compliance scope.
- Restrict access to data and applications, using access controls that utilize multi-factor authentication
In addition to these steps, it is important to ensure that your organization is utilizing best practices in cybersecurity hygiene and providing ongoing cybersecurity education and training to healthcare staff.
The potential benefits of artificial intelligence in healthcare are too profound to allow AI to be held back by concerns about data privacy and cybersecurity. At the same time, however, those concerns are real and must be addressed, now and into the future.