When a radiology practice undertakes an AI project, it is appropriate to prioritize cybersecurity above other objectives and concerns. A new paper provides guidance.
The authors cite the appeal of augmented AI given the growth of imaging data worldwide over the past few years, and point to lessons learned outside of medicine.
“Embracing an artificial intelligence (AI) project in radiology is complex and not without risks, especially as cybersecurity threats continue to mount in the healthcare industry,” they write. . “Fortunately, healthcare providers and device manufacturers have the advantage of drawing inspiration from other industry sectors that are leading the way in this space.”
The paper is lead authored by Brendan Kelly, MBBS, a radiologist at St. Vincent’s University Hospital, Dublin, Ireland. The lead author is Dr. James Burrell, a computer scientist at the University of Hawaii. Radiology in Europe Published on July 7th [1].
In the section on data management, the authors cover seven key aspects of AI adoption. Some are common to all industries, some are specific to healthcare, and some are specific to medical imaging. example:
1. Data Ethics. The pros and cons of using patient data to train and test AI is “complex and controversial,” Kelly and co-authors said, citing earlier academic commentary, and related to data ownership. Rather, it argues that the best grounds for making such considerations are: We believe that data is a resource that benefits society. more:
“[A]Almost all healthcare organizations are required to purchase data from third parties. While the ethics of data purchases are still a matter of debate, it’s clear that security and confidentiality updates go hand in hand with good ethical standards. ”
2. Data Access. Kelly and others cite the sheer number of IT systems and clinical services that use electronic medical records within provider organizations as a key security concern.
“The ability of multiple users to operate an EHR is fundamental to the value of an EHR. However, having multiple users poses a risk of its own. can be abused.”
3. Data query. The authors cite Health Level 7, Version 3 as the established gold standard for exchanging data between technologies from different vendors. But be careful, they warn.
“HL7 version 3 is based on XML and transfers text data without encryption. , does not provide protocol-level encryption.”
4. Anonymization of data. Kelly et al. list several challenges involved in this process. First, most medical images contain metadata that sophisticated criminals can unpack and identify patients.
“Furthermore, medical images themselves often contain identifiable information, such as data that can be used to reconstruct a patient’s facial image. Instead, it highlights some of the additional complexities encountered in radiology-specific use cases.”
5. Data Storage. In 2019, researchers demonstrated that malware could modify DICOM file formats with relative ease. Kelly and co-authors confirm that this type of attack does not yet exist. But that very possibility shows that medical imaging faces a unique threat to every industry.
“This reality further underscores the need to examine medical technology and industry standards to identify potential security vulnerabilities.”
6. Data Transfer. The authors point out that healthcare institutions generally lack the computational resources required to quickly and securely transfer large amounts of data to industry partners who can perform the necessary relevant analyses. This lack, they say, “increases the cyber attack surface.”
“Whether data is stored locally or remotely, security and privacy are important considerations for the integrity of hardware and software applications, access control, and the systems that govern these processes. .”
7. Data labeling. This step involves assigning one or more descriptors that provide context to the data. The authors comment that this is “one of his most interesting challenges in both big data and AI in digital health.”
“Cyber-attacks can compromise data labels. AI algorithms can then be trained on this data, resulting in inaccurate results and recommendations. This can have a negative impact on patient care and may only become apparent during evaluation or testing of AI algorithms.”
Kelly et al. “While it is clear that AI has the potential to revolutionize the practice of radiology, we recognize the potential impact of increased connectivity and technology adoption on the confidentiality, integrity and availability of medical data. It’s important to.”
The full text of this paper is available free of charge.
