AI in health care: the risks and benefits

The hype around artificial intelligence (AI) spiked again recently with the public release of ChatGPT. The easy-to-use interface of this natural language chat model makes this AI particularly accessible to the public, allowing people to experience first-hand the potential of AI. This experience has spurred users’ imagination and generated feelings ranging from great excitement to fear and consternation.

But the reality is that for many years now, AI has been making remarkable strides in a wide range of industries and health care is no exception.

The potential benefits of incorporating AI into health care are numerous but like every technology, AI comes with risks that must be managed if the benefits of these tools are to outweigh the potential costs.

One of the most significant benefits of AI is improved diagnostic speed and accuracy. AI algorithms can process large amounts of data quickly and accurately, making it easier for health care providers to diagnose and treat diseases.

For example, AI algorithms can analyze medical images, such as X-rays and MRI scans, to identify patterns and anomalies that a human provider might miss. This can lead to earlier and more accurate diagnoses, resulting in better patient outcomes.

In addition, AI algorithms can help health care providers by providing real-time data and recommendations. For example, algorithms can monitor patients’ vital signs, such as heart rate and blood pressure, and alert doctors if there is a sudden change. This can help health care providers respond quickly to potential emergencies and prevent serious health problems from developing.

AI can also help health care providers better manage chronic conditions. AI algorithms can monitor patients’ health data over time and provide recommendations for lifestyle changes and treatment options that can help manage their condition. This can lead to better patient outcomes, improved quality of life, and reduced health care costs.

Finally, AI has the ability to improve access to care. Its algorithms can enable providers to reach more patients, especially in remote and underserved areas. For example, telemedicine services powered by AI can provide remote consultations and diagnoses, making it easier for patients to access care without having to travel.

However, along with the many benefits of AI there are security and privacy risks that must be considered. One of the biggest risks is the potential for data breaches. As health care providers create, receive, store and transmit large quantities of sensitive patient data, they become targets for cybercriminals. Bad actors can and will attack vulnerabilities anywhere along the AI data pipeline.

Another risk is the unique privacy attacks that AI algorithms may be subject to, including membership inference, reconstruction, and property inference attacks. In these types of attacks, information about individuals, up to and including the identity of those in the AI training set, may be leaked.

There are other types of unique AI attacks as well, including data input poisoning and model extraction. In the former, an adversary may insert bad data into a training set thereby affecting the model’s output. In the latter, the adversary may extract enough information about the AI algorithm itself to create a substitute or competitive model.

Finally, there is the risk of AI being used directly for malicious purposes. For example, AI algorithms could be used to spread propaganda, or to target vulnerable populations with scams or frauds. ChatGPT, referenced above, has already been used to write highly convincing phishing emails.

To mitigate these risks, health care providers should continue to take the traditional steps to ensure the security and privacy of patient data. These include conducting risk analyses to understand their unique risks and responding to those risks by implementing strong security measures, such as encryption and multi-factor authentication. Additionally, health care providers must have clear policies in place for the collection and use of patient data, to ensure that they are not violating patient privacy.

Health care providers should consider being transparent about the algorithms they are using and the data they are collecting. Doing so can reduce the risk of algorithmic bias while ensuring that patients understand how their data is being used.

Finally, health care providers must be vigilant about detecting and preventing attacks on the AI algorithms themselves.

Jon Moore is chief risk officer and head of consulting services and customer success of Clearwater, a cybersecurity firm.