Submitted by Sameer Samal, Research Intern on Framework for Secondary Use of Clinical Data for AI Applications.
Revolutionary (or disruptive) technologies such as Artificial Intelligence and Machine Learning are reforming the fields of public health and medicine. With the availability of electronic access to clinical data, medical institutions can now use such data to develop new applications that can benefit patients and other stakeholders. However, while assuring effective and efficient research, these technologies also pose ethical and legal challenges. Therefore, considering its extensive potential to revolutionize the fields of public health and medicine, it is imperative to establish an ethical and legal framework for the secondary usage of clinical data.
A recent report by the Radiology Society of North America (RSNA) advocates that patients’ clinical data should be used for secondary purposes, such as for the development of AI programs, without the requirement of attaining explicit consent of the patients, so long as their privacy is maintained. The authors have relied upon a previous study which rejected the assumption that clinical research and clinical practice are, from an ethics standpoint, fundamentally different enterprise. Rather, it has imposed a moral obligation on all stakeholders, including patients, to prioritize healthcare development.
The report by RSNA argues that the immediate value of health-data to an individual lies in their contribution to the individuals' clinical care. However, once the patients’ data is used for its primary purpose, i.e., to treat the patient, the same can be de-identified and aggregated to serve as raw material and generalized knowledge to develop AI programs. The question of ownership of such data arises and so does the question about profitability. Considering the wide array of stakeholders involved in the field of healthcare, the financial value of clinical data and the profitability from its secondary use will certainly create ethical disputes. According to the RSNA report, neither the patient nor the healthcare provider organisations are entitled to any financial benefits arising out of such secondary use of data. Moreover, selling such data would create ethical complications and have dramatic effects on the patient-provider relationship. Therefore, the report proposes a framework wherein the data is provided to developers without any additional profits over cost. However, the authors have expressed their concern about privacy as de-identification techniques are not 100 per cent reliable. With advanced technologies such as ML and AI, the clinical data sets can be attacked to re-identify individuals. To overcome such problems of providing data while ensuring privacy, a concept known as federated learning can rely on.
The report obligated the data principles, i.e., the patients, to contribute to the improvement and development of the healthcare system. Although the study established a principle where data principles have the right to choose and to control the secondary uses of their clinical data, this principle does not grant individuals the right to prevent others from learning from de-identified and aggregated data. Therefore, the report proposes, if individual privacy is safeguarded, the data is aggregated and the data is used for appropriate purposes, then additional patient consent is not required.
The report can be criticised on numerous grounds but it is crucial to keep in mind that the proposed framework is strictly ethical with certain legal inputs from the American jurisdiction. Regardless of such immunity, the biggest concern about the proposed framework is its legal validity. All the digitally advanced economies have an existing or proposed legal framework that grants the data principle ownership rights over such clinical data. Moreover, questions of access, control, profit and exclusivity have to be in line with such laws. It is essential to note that, at times, certain healthcare datasets may contain exclusively identifiable data such as facial CT scans. Using advance medical technology such as facial recognition software and three-dimensional reconstruction of facial CT scans, individuals can be precisely re-identified. Therefore, it is necessary that ethical frameworks should be introduced in consonance with the legal systems. In jurisdictions such as India, Vietnam, Indonesia and the European Union where strict data governing legislation are proposed, these frameworks will fail to achieve its intended objective.
An ethical framework for the healthcare field with legally backing provisions about data principles’ ownership rights and absolute consent requirements would be ideal. Even though federated learning might promise privacy safeguard measures, healthcare-specific data governance laws that prohibit usage of identifying datasets such as facial CT scans should be introduced.
To understand this development, please refer to:
For queries, mail us at editorial@isail.in