The use of artificial intelligence, machine learning and robotics has enormous potential, but along with that promise come critical privacy and security challenges, says technology attorney Stephen Wu.
For example, in healthcare, “we’re beginning to see surgical robots … and robots that take supplies from one part of a hospital to another. …You can use AI to help sequence a child’s DNA … and match and identify a condition in very short order,” Wu says in an interview with Information Security Media Group.
But along with those bold technological advances come emerging privacy and security concerns.
“The HIPAA Security Rule doesn’t talk about surgical robots and AI systems,” he notes. Nevertheless, HIPAA’s administrative, physical and technical safeguard requirements still apply, he says.
As a result, organizations must determine, for example, “what kind of security management procedures are touching these devices and systems - and do you have oversight over them?”
Also critical is ensuring that “communications are secure from one point to another,” he points out. “If you have an AI system that’s drawing records from an electronic health record, how is that transmission being secured? How do we know the AI systems drawing [information] from the EHR system has been properly authenticated?”