“`html
Controlling AI: New Standards for data Access in Healthcare and Beyond
Table of Contents
As artificial intelligence rapidly evolves, ensuring responsible data handling is paramount. New standards are emerging to govern AI’s access to sensitive details,especially in healthcare,establishing a framework for controlled learning and decision-making.
The early stages of any transformative technology are often marked by a degree of uncontrolled access. However, as AI’s capabilities expand, the need for robust security and governance becomes increasingly critical. Experts agree that AI accessing and generating data is a privileged activity requiring careful oversight. A recent analysis highlights three key moments where controlling AI is essential: during dataset training, when making treatment decisions, and when informing payment decisions.
Safeguarding the Learning Process: MLTRAINING and data Provenance
A primary concern lies in controlling how AI/ML/LLM models are taught.Preventing the ingestion of unauthorized data is crucial, and the healthcare industry is leading the way with a standardized approach.HL7, a global standards association, has identified a specific “PurposeOfUse” code – MLTRAINING – to designate data specifically for AI training purposes.
“when the training is done, the authorization request is for MLTRAINING purposeofuse,” a senior official stated. “This allows access control to either permit or deny such use, with all authorizations meticulously audited.” This code is restricted to authorized agents, preventing misuse, and datasets can be explicitly marked as off-limits for MLTRAINING, possibly even down to the individual data artifact level.
Beyond access control, the importance of data provenance is gaining traction. A standard developed to tag datasets with Provenance and Authorizations, including licensing information, is now available through the Data & Trust Alliance. This standard ensures that AI models are trained on data with clearly defined origins and usage rights.
Patient-Centric Consent: Putting Individuals in Control
The MLTRAINING PurposeOfUse extends to individual patient consent. This allows patients to actively opt-out of having their data used to train AI models. “This means that the Access Control is more fine-grain,” one analyst noted, “with each data point checked against the patient’s authorization status.” This granular approach empowers individuals to control how their information contributes to the advancement of AI.
Governing AI-Driven Decisions: TREATDS and PMTDS
Control isn’t limited to the training phase.Separate “PurposeOfUse” codes exist for when AI is used in treatment (TREATDS) and payment (PMTDS) decisions. These distinctions are vital, allowing for nuanced control based on business rules and patient consent.
The most likely submission of these codes involves giving patients the ability to consent to – or decline – the use of AI in their clinical or payment processes. Each patient would have a consent profile specifying their preferences regarding the TREATDS PurposeOfUse, which would then be used by the AI system to authorize access to their historical data.
Looking Ahead: A foundation for Responsible AI
these purposeofuse codes represent a significant step toward responsible AI development and deployment.While these initial standards provide a strong foundation, ongoing discussion and refinement are essential.”There might potentially be other PurposeOfUse codes that need to be defined,” a security expert concluded. “This is a good exercise for discussion.”
