3rd Party Risk Management , AI-Based Attacks , Artificial Intelligence & Machine Learning
Properly Vetting AI Before It's Deployed in Healthcare
Attorney Lee Kim of HIMSS Discusses Evolving Tech ConsiderationsThe U.S. healthcare sector needs to closely watch government regulatory and legislative developments involving artificial intelligence, including the European Union AI Act, said Lee Kim, senior principal of cybersecurity and privacy at the Healthcare Information and Management Systems Society.
"Some technologies - they are very, very risky on the extreme end, and if those are banned, there are some limitations as to those systems," she said.
"That's very important because we're starting to see that there is a link between AI and safety," Kim said in an interview with Information Security Media Group during the HIMSS 2024 conference in Orlando, Florida.
"For example, in the military context, I don't think we necessarily even want to fathom AI or other systems being automated in that sense, but AI is being embedded into everything. And that's something we need to keep an eye on."
Many generative and other AI technologies tend to "take an educated guess," Kim said. "But what is happening is that you always have to review the output, especially in the age of social media, Tik Tok and others. You have to ask, 'Do we still have the discernment skills where we can review something and see an error, an omission?' Sometimes it might hallucinate something that is not true at all," she said. "So we need to have an eye out for fake information - and what we should do about it."
Kim said that all healthcare organizations implementing or considering AI should stand up a committee that represents key stakeholders - including legal, clinical, accounting and others - to carefully review the potential ramifications of AI in the institution.
In this audio interview with Information Security Media Group (see audio link below photo), Kim also discussed:
- Suggestions for testing AI and its accuracy;
- Privacy and security considerations involving AI in healthcare;
- How the healthcare sector can safeguard against a potential "cascade of failures" involving a major industry cyberattack such as the Change Healthcare incident.
Kim is a healthcare and intellectual property attorney and cybersecurity and data privacy subject matter expert. Kim's cybersecurity expertise includes healthcare and other critical infrastructure fields and a wide variety of other businesses. She also serves with the US Department of Homeland Security Analytic Exchange Program, as a director of InfraGard Northern Capital Region, and vice chair of the policy committee of the American Bar Association Health Law Section. She is also national visiting committee member of the National Cybersecurity Training and Education Center, appointed by the National Science Foundation as the healthcare representative for NCyTE.