Electronic Health Reporter

By Israel Krush, CEO and co-founder, Hyro.

Generative AI, until recently an uncharted frontier, is now encountering regulatory roadblocks. Fueled by minimal oversight, its meteoric rise is slowing as frameworks take shape. Businesses and users alike brace for the ripple effect, wondering how increased scrutiny will reshape this booming sector.

While AI automation could revolutionize efficiency and speed up processes in many customer-facing industries, healthcare demands a different approach. Here, “consumers” are patients, and their data is deeply personal: their health information. In this highly sensitive and regulated field, caution takes center stage.

The healthcare industry’s embrace of AI is inevitable, but the optimal areas for its impact are still being mapped out. As new regulations aim to curb this disruptive technology, a crucial balance must be struck: fostering smarter, more efficient AI tools while ensuring compliance and trust.

The Need for Regulation

Regulatory mechanisms and compliance procedures will play a crucial role in minimizing risk and optimizing AI applicability in the coming decade. 

These regulations must be developed to effectively safeguard sensitive patient data and prevent unauthorized access, breaches, and misuse—necessary steps in gaining patient trust in these tools. Imagine the added friction of AI systems that misdiagnose patients, spew incorrect information, or suffer from regular data leaks. The legal and financial implications would be dire.

Optimized workflows simply cannot come at the cost of unaddressed risks. Regulated and responsible AI is the only way forward. And in order to achieve both, three foundational pillars must be met: explainability, control, and compliance. 

Explainability 

Healthcare professionals tread a thin line when handling sensitive data, responding to urgent inquiries, and adhering to strict regulations. However, relying solely on large language models (think ChatGPT) risks introducing a dangerous blind spot. While impressive in their capabilities, these models operate as “black boxes” – their decision-making processes remain opaque. While you feed them information and receive results, the reasoning behind those results is hidden, making them unsuitable for critical healthcare settings.

Patient-facing AI solutions must incorporate Explainable AI (XAI) techniques to offer comprehensive visibility into their internal workings. This includes clearly demonstrating the logic paths used for decision-making and highlighting the specific data sources utilized for each utterance.

Control

To prevent costly errors and safeguard patient well-being, it’s crucial to eliminate the risks associated with AI “hallucinations”—false outputs from generative AI interfaces that appear realistic in context but, in actuality, are entirely made up. These “hallucinations” could manifest in various ways, potentially misleading both patients and healthcare professionals. Imagine an AI system:

• Offering appointments that don’t exist and causing frustration and wasted time for patients.
• Overwhelming patients with irrelevant information instead of providing concise and relevant answers to their questions.
• Providing incorrect diagnoses based on incomplete or inaccurate data and putting patient safety at risk.

Careful data curation and control are essential to mitigate these risks and ensure responsible AI deployment in healthcare. This means restricting the data a generative AI interface can access and process. Instead of allowing unrestricted internet access, gen AI solutions must be confined to internally vetted sources of information, such as the health system’s directories, PDFs, CSV files, and databases. 

Compliance

AI systems in healthcare must be built with HIPAA compliance woven into their very fabric, not bolted on as an afterthought. This means robust data protection measures from the start, minimizing the risk of exposing protected health information (PHI) and personally identifiable information (PII) to unauthorized parties.

Navigating the regulatory labyrinth of AI in healthcare requires agility. Compliance isn’t a one-time bullseye but a constant dance with a moving target. Organizations must juggle HIPAA, the EU’s GDPR, and the AI Act, as well as all future policies that are sure to come, all while staying nimble and adaptable to the ever-shifting landscape.

The Future of Healthcare AI

Harnessing the transformative power of generative AI for patient communication requires a collaborative approach to regulation. Industry stakeholders shouldn’t view regulations as a hindrance but rather as a key that unlocks responsible deployment and ensures long-term viability. By actively engaging in shaping these frameworks, we can prevent potential pitfalls and pave the way for AI to genuinely advance, not hinder, patient engagement in healthcare.