Importance of Data Security in the Age of Artificial Intelligence Policymakers need to look at standardization of digital health records by identifying a systematic approach to IT in healthcare

By Ashim Roy

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.


In the age of Artificial Intelligence (AI), data is power. And in a country like India, the scope for AI is colossal, especially in healthcare. From precision medicine and data management to remote diagnosis and predictive analysis, technology in healthcare is making giant strides. However, these innovations are also posing new-fangled security challenges, particularly in terms of personal health records.

According to a recent global study, more than one-third (35.6 per cent) of surveyed professionals in the Internet of Things-connected medical device ecosystem said that they had experienced an incident related to cybersecurity in the past year. For technology to truly change the way healthcare is delivered, we need to first address the issue of cyber-attacks, such as data theft and ransomware. Can AI help neutralise cyber threats without human intervention? Does the future of cybersecurity lie in the untapped potential of AI?

The Achilles heel

Traditionally, the responsibility of maintaining healthcare data in India has rested with the patients. Even today, paper-based systems are used to generate medical records, while treatment history continues to be handwritten in the majority of cases. Understandably, most of this data simply goes missing with time. Or else, in the electronic form, it is often rendered inaccessible, as it sits idle on data servers of private healthcare facilities.

What we need is a safe and seamless flow of information within the digital healthcare infrastructure that can transform the ways in which clinicians diagnose and treat patients. A centralised record-keeping system, like the Electronic Health Record (EHR), can facilitate rapid data retrieval, data sharing, as well as trend analysis. Today, these digital healthcare systems are capable of collecting data from multiple sources - hospitals, clinics, diagnostic facilities, individual healthcare practitioners. Nonetheless, the adoption of wearables and implanted sensors in preventive and emergency medical response systems, using short-distance wireless-communication techniques, are raising pertinent concerns about data security.

There are numerous instances of security breaches in the global healthcare industry. In June 2017, US pharmaceutical company Merck and healthcare provider, Heritage Valley Health Systems became the target of NotPetya ransomware attack, while recently, a Bayer MedRad device, used to assist MRI scan, was infected by WannaCry ransomware virus. With the Internet of Things (IoT), there are several points of inflow and outflow of information today - more potential soft spots - which can be targeted by unscrupulous data hackers. Data breaches in healthcare have reportedly affected millions of people causing theft of identities, monetary losses, loss of benefits, and leakage of sensitive personal data to third parties. The price of personal medical information in the conman's marketplace is believed to be 10 times higher than credit card details!

Policy decisions

As more healthcare technologies and solutions become network connected, the frequency of cyber-attacks will increase. In time, there will be an increased awareness among corporate information security officers (CISO) at the provider and payer organisations as well as healthcare technology companies to do more to protect healthcare data. Researchers are already using cognitive algorithms to learn and predict new malware behaviours; Al-based, self-learning security systems hold the promise of automatic cyber defence in the future.

Policymakers need to look at standardization of digital health records by identifying a systematic approach to IT in healthcare. Taking a cue from nations where policies are already in place, like the Health Information Portability and Accountability Act (HIPAA) in the US and the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada, operational guidelines need to be drafted as a precursor to the national EHR policy. Interestingly, many countries incentivise the use and constant up-gradation of EHR systems.

With the Digital India drive and Smart Cities Mission accelerating IT adoption in healthcare, health tech companies need to up their ante on security. However, data security is not free; there are cost implications for equipment vendors. Currently, most equipment vendors leave the security issues to hospitals and insurance companies to dodge the price disadvantage in a competitive market. Yet, we need to think long-term, much like investing in a vaccine that'll prevent the spread of an epidemic.

Ashim Roy

Co-Founder and CEO, Cardiotrack

 Ashim Roy is the co-Founder and CEO of Cardiotrack. He is no stranger to the global start-up ecosystem. He has been mentoring teams with exciting ideas and helping them grow. Small wonder then that he has now founded a company that is set to change diagnostics services in healthcare-dark areas.

Related Topics


International Security Firm Welcomes Female India Native to an Essential Leadership Position

Yasmin Brar has been appointed as the Operations Strategy Director, a role that underscores the company's commitment to innovation, expansion, and strategic management

Business News

Here Are 3 Strategies Startup Founders Can Use to Approach High-Impact Disputes

The $7 billion "buy now, pay later" startup Klarna recently faced a public board spat. Here are three strategies to approach conflict within a business.

Science & Technology

These Are the Top 6 AI Threats to Your Business Right Now

The modern workforce is forever changed by artificial intelligence. If you fail to understand that we will all need to learn AI to some degree, you haven't been paying attention.

Business News

Report: The Majority of Recent College Grads End Up in Jobs That Don't Need Bachelor's Degrees

Two research companies looked at a dataset of 60 million Americans.

Business News

Vice Will No Longer Publish Content on Its Website, Lays Off Hundreds of Staffers

Vice Media CEO Bruce Dixon announced the news in an internal memo to employees on Thursday.