Healthcare is more data-driven than ever. And autonomous, data-driven decision-making is increasing as the industry uses more AI for administrative and clinical functions. However, AI is only as good as the data used to train it. Without establishing the veracity, or accuracy, of data, organisations leave themselves vulnerable.
Inaccurate data leads to corrupted insights and skewed decisions. Nearly one quarter (24 percent) of health executives say their organisations have been the target of adversarial AI (such as bot fraud, spoofed sensor or IoT data and falsified location data) multiple times.
In healthcare, these vulnerabilities can do great harm because data underpins medical decisions, treatment plans and even whether an insurance claim is accepted or denied. Bad data in a patient’s electronic medical record could put them at risk for not getting the right diagnosis or treatment. Incomplete or compromised public health data could lead to misidentifying the source of a disease outbreak.
Unfortunately, many health plans and providers are not ready to protect themselves.1 Health executives surveyed (77 percent) say they are not prepared to confront the impending waves of corrupted insights as falsified data starts to infiltrate their data-driven information systems. Meanwhile, they are already feeling the effects of vulnerability. A national survey reveals 83 percent of physicians surveyed already have experienced a cyber attack,2 and this has been a significant issue for health plans3 as well.
To address the challenge, companies must follow a dual mandate to maximise veracity and minimise opportunities for data manipulation.
Fewer threats, more truth
In a world of data manipulation, as illustrated by fake news, no one knows where the next threat lies—and the scariest breach is the one you don’t know about. Healthcare organisations should seek to mitigate future vulnerabilities at the outset by establishing provenance, or verifying the history of data from its origin throughout its life cycle; context, or considering the circumstances around its use; and integrity, or securing and maintaining data.
Most healthcare providers (84 percent) and many health plans (68 percent) agree that automated systems create new risks including fake data and data manipulation. Yet only 14 percent of providers and 6 percent of health plans surveyed say they validate data sources extensively and are “very confident” in the quality of their organisation’s data.
Validation must be built in to ensure a data output that users can trust. Uncovering processes that inadvertently incentivise deceit is essential to improving the truth in data across a system. Incentivising truth will allow companies to reduce noise in data, so that real threats stand out. Ultimately, it will help ensure the data is trustworthy enough to drive critical decisions in the future.
Improving data intelligence capabilities
Healthcare organisations aiming to achieve data veracity must ramp up existing efforts, embedding and enforcing data provenance, context, integrity and security throughout the organisation. Existing investments in cybersecurity and data science may need to be adapted to address the data veracity issue because data quality is critical to having inputs users can trust to make both business and clinical decisions. For instance, technologies such as blockchain can be used to ensure data provenance throughout its lifecycle and prove the data was not tampered with.
Companies must build a data intelligence capability. By using technology tools to track behaviour as data is recorded, used and maintained, cybersecurity and risk management systems have a baseline of expected behaviour around data. For example, Aetna has eliminated 10 billion instances of social security numbers in the company’s core processing capabilities in the past three years. Rather than using SSNs as a unique identifier and authenticator, the company has implemented continuous behaviour-based authentication that offers real-time authentication using many behavioural attributes available through web and mobile applications. This approach embeds authentication into electronic interactions on a continual basis. Aetna uses between 30-60 attributes that feed a risk engine used to calculate a risk score. That score is fed to the mobile or web application in real time, and the application determines how much access to provide to the consumer.
Using blockchain to secure the pharmaceutical supply chain
Logistics company DHL joined with Accenture to create a blockchain-based serialisation prototype, to track pharmaceuticals across the supply chain. The ledger allows enterprises to accommodate legal and regulatory requirements and address mischief—all while preserving cryptographic features. The ledger that tracks medicines can be shared with stakeholders, including manufacturers, warehouses, distributors, pharmacies, hospitals and doctors. Prototype simulations showed that blockchain could handle more than 7 billion unique serial numbers and 1,500 transactions per second.
RELATED: Watch the Digital Health Tech Vision 2018 webcast replay
1 U.S. Department of Health and Human Services, Office for Civil Rights Breach Portal
2 Accenture, “Taking the Physician’s Pulse", 2017
3 Accenture, “Are You One Breach Away from Losing a Healthcare Consumer?”, 2017