Wade’s Healthcare Privacy Advisor for December 4, 2024

Artificial Intelligence

• Ensuring AI models provide faithful and reliable explanations is challenging, particularly in high-stakes fields like healthcare and finance, as current interpretability paradigms—intrinsic and post-hoc—fall short. Intrinsic models, though inherently interpretable, often lack general applicability and competitive performance, while post-hoc methods, although flexible, frequently produce explanations that do not align with the model’s logic. To address these issues, three new paradigms have been introduced: Learn-to-Faithfully-Explain, Faithfulness-Measurable Models, and Self-Explaining Models, which aim to enhance faithfulness and interpretability without sacrificing performance. These approaches are tested on synthetic and real-world datasets, showing significant improvements, such as a 15% increase in faithfulness metrics, while maintaining high accuracy. The new frameworks promise to bridge the gap between interpretability and performance, making AI systems more transparent and reliable for various applications.
• Explainable AI (XAI) is crucial for building trust by making AI decisions understandable, particularly in healthcare where transparency is essential for diagnostic and treatment recommendations. Autonomous and agentic AI systems enhance decision-making and patient care by automating processes, such as monitoring and treatment adjustments, while Edge AI enables real-time processing and improves data privacy by handling information locally. AI also augments the healthcare workforce by assisting with data analysis and diagnostics, allowing humans to focus on tasks requiring emotional intelligence and critical thinking. As AI reshapes job roles, it is essential for healthcare organizations to adapt and leverage these technologies effectively.
• Nearly half of Americans with health insurance receive unexpected medical bills due to systemic issues in healthcare billing, costing $210 billion annually and adding $68 billion in unnecessary expenses. Errors often stem from data entry mistakes, outdated coding practices, and duplicate billing, which AI and machine learning technologies aim to address by reducing errors and improving efficiency. AI-powered systems enhance claims processing by detecting errors in real-time, improving reimbursement rates, and reducing patient distress from rejected claims. Natural Language Processing (NLP) optimizes clinical documentation and revenue management, while AI also improves diagnostic accuracy by identifying conditions like ischemic strokes and hypertrophic cardiomyopathy early. However, human oversight is crucial to ensure AI’s responsible use, maintaining patient care standards and allowing healthcare professionals to focus on direct patient interactions.

Bias & Equity

• AI in healthcare faces challenges in ensuring patient confidentiality and data diversity, potentially leading to biased results. A Cambridge professor advocates for AI-improved data and synthetic data to address these issues, arguing they can enhance data quality and fairness. However, concerns remain about the potential for synthetic data to perpetuate biases and overlook real-world anomalies, as seen in the case of inaccurate pulse oximeter readings for darker skin tones.
• The Biden administration seeks to implement guardrails on the use of AI in healthcare to prevent biases and discrimination, particularly against low-income and minority patients, by avoiding flawed AI-driven recommendations. The success of these proposals depends on their finalization by the Trump administration. These measures align with the administration’s broader goals of enhancing access to care within Medicare and Medicaid programs.

Cybersecurity

• The HHS Office of Inspector General (OIG) report criticized the Office for Civil Rights (OCR) for its narrow HIPAA audit program, which assessed only eight out of 180 requirements, failing to adequately improve cybersecurity at healthcare organizations. The audits did not evaluate physical or technical safeguards, leaving potential vulnerabilities unaddressed. The OIG recommended expanding the audit scope, enforcing corrective measures, and establishing evaluation metrics, but the OCR cited budget constraints and a lack of resources as barriers to implementing these changes. From fiscal years 2018 to 2020, the OCR’s budget remained at $38 million, while complaints and data breach reports increased, and investigative staff numbers decreased by 30% since 2010. Despite agreeing with most recommendations, the OCR disagreed with requiring corrective measures, emphasizing that HIPAA allows for civil penalties instead, and audits are intended to offer technical assistance.
• The continued success of telehealth hinges on its accessibility, but challenges remain, such as digital inequalities and the need for inclusive design for diverse populations. Security is a critical concern as telehealth platforms handle sensitive patient data, necessitating robust measures like encryption, multi-factor authentication, and compliance with privacy laws. The inherent tension between accessibility and security requires a balance to prevent vulnerabilities without deterring patients from using these services. Emerging technologies like AI and blockchain may enhance both security and accessibility, but a collective effort from healthcare providers, developers, policymakers, and patients is essential to ensure telehealth remains safe and inclusive.

Data Privacy

• Four U.S. healthcare organizations, HealthFund Solutions, Option Care Health, Liberty Endo, and Numotion, experienced unauthorized access to employee email accounts. The breaches exposed protected health information of thousands of individuals, including names, addresses, Social Security numbers, medical information, and financial details. The organizations are offering credit monitoring and identity theft protection services to affected individuals.