Written by Dr. Vikram Venkateswaran
In the realm of generative AI (Gen AI), the healthcare industry is on the brink of a transformation that promises to reshape the delivery of care. One important aspect of this paradigm shift that requires attention is the role of cybersecurity controls.
In a recent announcement, Paul McCartney, the last surviving Beatle, declared that the group would release the “last” Beatles song. This news attracted a lot of attention considering the other band members had passed away. What we currently know is that his Gen AI will be used to create the song based on unreleased recordings by lead singer John Lennon. This shows the power of Gen AI and the potential of this emerging technology.
Music has a profound impact on health, and the life sciences and healthcare (LSHC) industry is not far behind in adopting Gen AI. In the life sciences space, Gen AI is ready to develop drug candidates, screen potential treatments, and map their impact even before clinical trials. This approach reduces the time spent on drug discovery and ensures thorough evaluation of drug efficacy and toxicity. Drug candidates before proceeding to human clinical trials.
Continued below
Gen AI will significantly impact the patient experience by streamlining medical data, clinical data diagnostics, clinical decision support systems, and increasing access to care. In a nutshell, there are four key areas where Gen AI will impact the LSHC industry.
1) Improving the efficiency of clinical operations
2) Improving patient experience
3) Realization of new research and development (R&D)
4) Formation of new care models
Industry transformation is promising, but scaling and adoption of Gen AI programs across the value chain requires a focus on cybersecurity management. These controls must scale with your Gen AI program to ensure success in achieving your business and clinical goals.
In the case of drug discovery mentioned above, there are significant risks related to the pharmaceutical company’s intellectual property (IP). This risk arises because Gen AI models are trained on an organization’s clinical data, and unauthorized individuals or malicious users can access this data, potentially leading to IP theft.
To mitigate such risks, pharmaceutical companies must invest in cybersecurity measures such as encryption, secure data hosting, and privileged access management. These cyber investments are critical to mitigating the risk of IP loss and, as a result, can impact the growth and development of pharmaceutical companies.
Additionally, six categories of cyber risks associated with the Gen AI model must be addressed to ensure the scalability and commercial success of these programs.
1) Generative AI Model Risks – Vulnerabilities in the Large-Scale Language Models (LLMs) themselves that can lead to loss of IP.
2) Infrastructure Risks – Risks inherent in the cloud or on-premises infrastructure used to host these Gen AI models.
3) Data risks – are particularly relevant to LSHC and include data identification, classification, and overall security due to new regulations such as the Digital Personal Data Protection Act (DPDPA) and clinical data confidentiality.
4) Talent Risk – Ensure the right people are working on these models to ensure Gen AI models do no harm during the decision-making process.
5) Application risks – vulnerabilities in the AI algorithms themselves. This leads to suboptimal results and data leaks.
6) Training and Testing Risks – Cyber risks associated with the process of leveraging training and testing data for healthcare purposes.
To effectively manage these risks, a structured approach is essential, starting with a focus on business and clinical goals for using Gen AI. This needs to be supported by a governance layer consisting of policies, procedures, cybersecurity measures, risk management, and controls. The next step is to establish a process for Gen AI lifecycle management, including deployment, maintenance, scaling, customization, and decommissioning.
Finally, ensuring the success and security of Gen AI in healthcare and life sciences requires regulatory compliance and key principles of risk management such as confidentiality, integrity, availability, authenticity, authorization, and privacy. Compliance is essential.
In conclusion, the LSHC industry’s success or failure in implementing Gen AI will depend on its ability to effectively address cybersecurity risks. Paying close attention to this aspect will pave the way for the widespread development of Gen AI, contributing to the continuous improvement of human potential and growth.
Dr. Vikram Venkateswaran, Risk Advisory Partner, Deloitte India
(Disclaimer: The views expressed are solely those of the author and are not necessarily agreed with by ETHealthworld. ETHealthworld.com is not responsible for any damage caused directly or indirectly to any person/organization. not.)
Most Read in Health IT
Join a community of over 2 million industry professionals
Subscribe to our newsletter for the latest insights and analysis.
Download the ETHealthworld app
- Get real-time updates
- Save your favorite articles