The Healthcare industry has witnessed an enormous digital transformation in recent years. Especially post COVID-19, the adoption of digital technologies is increased in areas such as virtual consultation and contact tracing by public health organizations.
At the same time, regulators across regions have released specific guidelines and sometimes even updates in regulations to protect the health data and rights of the patient. Some such examples include:
HIPAA (Health Insurance Portability and Accountability Act) Safe Harbor Bill
American Medical Association’s checklist for app developers
Governance and procedural controls and even traditional IT controls provide limited protection and assurance to comply with such guidelines. Organizations now rely more and more on ‘Privacy-Enhancing Technologies (PETs).’ These technologies help us implement fundamental data protection principles by minimizing personal data use, maximizing data security, and empowering individuals.
This article aims to be a quick primer for some such technologies.
Homomorphic Encryption is one such technology that was trending in 2021. It provides the ability to analyze and insight generation without exposing the data ever. It ensures that public health authorities pursue contact tracing of populations without disclosing sensitive health information to location data aggregators, such as cellular companies or other technology solution providers. The paper published in IEEE Journal of communications and network October 2021 provides a detailed context in this regard
Federated Learning (FL) is another emerging technique adopted for machine learning.
Traditionally, healthcare systems rely on centralized AI functions located at the cloud or the data center for health data learning and analytics. It may not be feasible due to an exponential increase in the volume of health data, distributed IoMT devices, and growing data privacy concerns.
FL includes distributed collaborative AI paradigm, which enables the coordination of multiple clients (such as hospitals and IoMT devices) to perform AI training without sharing raw data. It keeps the patient data private at the source while sharing only outcomes that do not include personal information. More importantly, it may also help avoid issues such as the one reported about IBM Watson prescribing the wrong drug during a simulation.
Healthcare technology start-ups in India may get a significant opportunity to enter this space with Ayushman Bharat Digital Mission. From telemedicine to online pharmacies, digital lockers, and even consent managers customized for using local Indian languages, India’s Healthcare IT market is vast.
The mantra for building effective products for this market is to involve the right stakeholders from legal, GRC, technology, user interface, and product development teams at the beginning of the lifecycle.
To summarize, Privacy Enhancing Technologies will play a significant role in making such products successful and creating a ‘win-win’ situation for all the stakeholders. They will be mandatory PET projects at some point for the healthcare industry.