Kali Durgampudi is the chief technology officer at Zelis, a leading payments company in healthcare.
As the use of artificial intelligence (AI) technologies continues to infiltrate the healthcare space, the security of patient information, electronic health records (EHRs) and communications related to patients’ medical care has become an increasingly critical focus point for healthcare organizations. The proliferation of AI in healthcare has brought with it many questions about AI ethics that are being hotly debated in academia, industry and the media.
For providers, payers, third-party administrators and all players across the healthcare continuum, a new standard of vigilance is now required for IT security teams to safeguard the vast amount of data that is being managed by AI technology.
As the healthcare industry moves, albeit slowly, away from paper-based documentation, AI technology and machine learning programs will be increasingly relied upon to capture and manage highly sensitive patient information.
But keeping data that is managed by AI secure presents challenges.
For example, earlier this year, a bug in ChatGPT forced OpenAI to shut the service down temporarily because some users were able to see the titles of other users’ conversation threads. After resolving the issue, OpenAI resumed its chatbot service, but this breach raises data security questions at a time when the push to digitize and automate healthcare data is moving headlong at breakneck speed.
If the future of medical record keeping is going to entail the collection of sensitive patient information and EHRs using chatbot technologies, the verdict is still out on how securely data can be compiled and stored this way.
While we have all seen some of the amazing things that AI technology has achieved, such as ChatGPT’s recent feat of passing the U.S. Medical Licensing Examination, there are drawbacks beyond questions about security risks. One fact that may come as a surprise to some is that the data that was collected in the chatbot’s programming process has not been updated in over 18 months.
In ChatGPT’s own words, from an article on Medium.com, this is how it answered a question about its training data: “I do not have access to any new information or updates since that time [September 2021] … As a language model, I am not able to browse the internet or access new information… about events that have occurred after my training data was collected.” (I’m not sure about you, but when I read quotes like that, it always plays in my mind in the voice of HAL 9000.)
Establish guidelines and enforce compliance.
One way that organizations can optimize their AI strategy is to establish definitive guidelines and enforce compliance with them. By setting specific policies on the strategic and ethical use of patient data that has been generated using AI technologies, health plans and the companies they partner with can then train their workforce to ensure a secure and efficient internal data management process.
It’s also important to recognize that, as the collection of data becomes more automated and less human-managed, AI strategies that are implemented incrementally will reap the benefit of addressing snags at early stages versus—potentially—too late. Establishing achievable milestones that each occur in relatively short time frames will likely produce better long-term results as this allows time to identify and resolve issues before they can turn into bigger problems.
As leaders throughout the industry refine and implement IT security plans and processes related to AI patient data management and their teams work to safeguard information, human oversight will continue to play a critical role in the evolution of AI in healthcare.
The push to digitize and automate healthcare data management represents a giant leap forward in helping health plans deliver better outcomes for their members. This effort will be best achieved if it’s accomplished one small step at a time.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?