Artificial Intelligence (AI) in global healthcare is growing rapidly. From $20.7 billion in 2023 it is forecast to rise to almost $188 billion by 2030 according to data supplied by Statista. More advanced wearable tech is being bought by consumers as retailers like Walmart
WMT
and Amazon
AMZN
jump on the healthcare bandwagon across North America.
The push by big retailers such as CVS and Walgreens (through VillageMD) into clinical settings and the speed at which the sector has been consolidating has raised concerns about the processing and protecting of personal consumer data. As Federal Trade Commission Chair Lina Khan said in September “healthcare is not like buying a toaster… it really can be life or death for people.”
In less than a decade, medical technology has evolved from paper-based records to electronic health records (EHRs) and now, AI tools. This tech offers consumers convenience such as online telehealth consultations but it can also expose patients and healthcare organizations to greater cybersecurity and privacy risks if mishandled.
The healthcare space stands at a crossroads of innovation and responsibility. As AI and large language models continue to grow, cyber-attacks will pose a greater threat. Companies venturing into the space need to ensure they do so with care because, while retail data is important, health information is sacrosanct.
Protecting data in retail and virtual scenarios
I recently spoke with Hamed Shahbazi, founder and CEO of Well Health Technologies, a digital health player and owner and operator of Canada’s largest healthcare ecosystem, to learn more about patient data protection.
The company is expecting 7.5 million care interactions across its retail and virtual platforms this year so it is heavily invested in this area. Shahbazi—who was EY’s Entrepreneur Of The Year 2022 for the Pacific region—shared four tips on data integrity and privacy that retailers jumping into healthcare might find useful.
1. Closing the loop
Cybersecurity risks are introduced when information is shared, making AI’s insatiable need for data a significant challenge. Whereas in retail, personal data such as credit cards or bank details can be replaced, personal healthcare information is forever.
To maximize security, Well Health has brought nearly all of its healthcare services under one brand, which allows data to be better controlled and managed. Shahbazi describes this as “closing the loop.” He said: “We’re creating a holistic ecosystem of tools and making sure that each one is secure, from our company servers to the firewalls in our clinics.”
To achieve this, the company has built its business around enterprise-level security controls, including 24/7 monitoring via a central system. With data management tools led by four in-house cybersecurity companies, Well Health minimizes the amount of information that leaves the loop.
A closed system also makes it easier for healthcare professionals to access patient data, share insights, and collaborate across disciplines, streamlining workflows and enhancing the overall patient experience.
2. Let AI be your best friend
According to Shahbazi, responsible implementation boils down to putting patient and practitioner safety first. “We look at AI as an opportunity, but we treat it responsibly. Every decision we make about AI is filtered through three lenses: security, privacy, and ethics,” he said.
Some questions the CEO asks before implementing AI are: Is it secure to implement whatever AI tool we are looking at? What data clearance will it have? What are the guardrails in place? Are we adhering to the proper privacy regulations and ethical guidelines set out by regulators?
Shahbazi stressed: “Due to the sensitive nature of healthcare information, it can’t simply be fed into tools such as ChatGPT which draw from public data sets. We’ve seen companies get this wrong with sensitive data appearing online.”
He added: “We recently announced a majority stake in HealWELL AI, a company focused on improving the identification of rare diseases and optimizing their treatment plans. This is resulting in better decision-making and, as a result, better outcomes for patients.”
From assisting in accurate diagnoses to identifying personalized treatment options, AI is augmenting the expertise of medical experts to help deliver increasingly targeted consumer care that is more personalized and efficient.
3. You can’t put a price on data safety
When patients share their most sensitive information, trust is critical. They must be confident the information will remain protected. Shahbazi commented: “We are accountable for data privacy, and we take this responsibility very seriously. If there is a sensitive piece of information or an identifier that might influence future insurability, we absolutely do not want that to get out.” Hence the use of ‘red teaming’.
Often found in highly secure organizations within government or big tech, red teams comprise of specialized cyber-technicians continuously attempting to breach or hack into their own company to expose gaps.
While cybersecurity can never be 100% perfect due to the potential for human error, constant testing and improvement, along with security similar to that seen in banks and financial institutions, can bring peace of mind to customers. “We invest millions of dollars into it because we are cognizant of the value of this data to ensure that not one-piece slips through the cracks,” said Shahbazi.
4. Managing risk to speed up growth
Business sectors from retail to restaurants are rapidly transforming due to data-driven innovation. In healthcare, the changes are set to revolutionize patient care, research, and operational efficiency. But companies must maintain high data safety standards during growth phases—something that can easily be overlooked, particularly during takeovers.
Shahbazi said: “We think about ourselves as a technology and innovation-driven organization. Cybersecurity is there to facilitate and enable that, but also to make sure that the risk is managed appropriately. This allows us to move faster and do more original things. That is the balance we must maintain through our acquisitions, new features, and technology we bring.”
The CEO described this balance in racing terms. “As cybersecurity professionals, we are here to fuel the race car that is business and innovation. At the same time, we need to be the brakes so that you can come into a corner at 100 miles per hour and know you’re not going to hit the wall,” he said.
The rewards of responsibility
Retailers moving into the digital healthcare space have an opportunity to drive growth and innovation while maintaining responsibility toward patient care, data privacy, and ethical considerations, which need to be protected more than regular consumer data for some of the reasons outlined above.
With adequate consideration, AI has great potential to facilitate this. Steve Forbes, the chairman and editor-in-chief of Forbes Media wrote in a recent article that “AI could play a tremendous role in reducing clinician burden and improving patient experience.” Shahbazi, for his part, intends to continue to implement AI safely in the race to improve those experiences. “When you go fast, you need to have responsive and powerful controls,” he noted.
