Balance AI Chatbot Use in Health Care With Privacy, Blogger Says
Health care providers must balance the benefits of deploying AI chatbots while ensuring legal safeguards are in place that protect patient privacy, said Womble Bond research consultant Amy Hill in a blog post Monday. In particular, they must comply with regulations within the Health Insurance Portability and Accountability Act (HIPAA), she added.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
"Healthcare professionals are finding AI to be nothing short of an asset in producing efficient communication and data organization on the job," as "clinicians utilize AI for managing medical records, patient medications, and various medical writing and data organization-based tasks," Hill said. But they "must be cognizant of the perils of using AI chatbots as a means to communicate with patients," when "patient medical records and sensitive information are involved."
The blog noted that AI systems have many data-collection mechanisms and are particularly vulnerable to bugs and breaches. To combat this, "opt-out features and encryption protocols are two ways AI protects user data," Hill said. But "tech companies collaborating with healthcare providers in creating HIPAA-compliant AI software would be even more beneficial to the medical field."
Obtaining patient consent and ensuring patient data is anonymized are also critical, the blog said. "Requiring patients to sign releases expressing consent that medical records may be used for research, in addition to proper anonymization of patient data used for research, may mitigate legal risks associated with HIPAA compliance."
Using the National Institute of Standards and Technology (NIST) AI Risk Management Framework (AI RMF) to mitigate risk can also help in "leveraging the vast capabilities of artificial intelligence" while also keeping "robust data encryption and strict adherence to HIPAA compliance protocols," Hill said.