Artificial Intelligence & Machine Learning , Next-Generation Technologies & Secure Development
Checking Out Security Before Using AI Tools in HealthcareSean Kennedy of Salesforce Discusses Findings of Recent Surveys
Most healthcare workers don't check security protocols before trying out new generative AI tools such as ChatGPT, putting patient and other sensitive data at risk, said Sean Kennedy of software vendor Salesforce, which recently conducted research on potential security gaps in healthcare settings.
"While we see the potential of generative AI to transform the way healthcare employees work, it's not without its risks," he said in an interview with Information Security Media Group.
Generative AI has the potential to reduce administrative burdens and clinician burnout, but the tools also pose risks to patient privacy and security, in part because they require large amounts of data for training the technologies.
"Health IT security teams really should ensure that data used to train generative AI is de-identified and anonymized to protect patient privacy." In addition, access to the tools should be limited to only authorized users, Kennedy said.
Of the 400 healthcare professionals Salesforce recently surveyed, nearly one-quarter said they think generative AI tools are safe to use for their work. About 15% of healthcare organizations have begun experimenting with generative AI tools.
In the interview (see audio link below photo), Kennedy also discusses:
- Other considerations for using generative AI tools in healthcare;
- Why healthcare workers often fall victim to phishing and social engineering scams resulting in data breaches, despite cybersecurity awareness training;
- The most commonly underutilized security technologies and best practices that have the best potential for preventing many health data breaches.
Kennedy leads interoperability planning to promote internal alignment to prevailing standards and emerging approaches to sharing data. He is a 25-year veteran of the health IT space, including his service in the U.S. Army specializing in health information systems, at Mass General Hospital, and with the Mass eHealth Institute leading the State HIE Program.