This week on the HIPAA Vault Show, we delve into the transformative world of AI in healthcare. Artificial Intelligence is not just a futuristic concept but a present reality revolutionizing how healthcare services are delivered. From IBM Watson Health’s sophisticated cancer treatment aids to Google DeepMind Health’s real-time patient care applications and beyond, AI tools are improving efficiency, accuracy, and patient outcomes across the board. Moreover, we’ll look into the imminent AI regulations in healthcare. With new mandates like the requirement for Chief AI Officers in each agency by May 28th, the landscape of healthcare is set to evolve further. Stay tuned for a deep dive into how these technologies and regulations are shaping the future of healthcare, ensuring safety, security, and trust in AI applications.
Do you have any remaining questions, requests, or just want to chat with us? Email us at podcast@hipaavault.com!
Transcript:
Adam
Hello and welcome to the Hipaa vault show, where we discuss all things Hipaa compliance and the cloud. Stick around until the end and we’ll be discussing the latest in our breach of the week segment. We’re going to talk about an update on change healthcare, so stick around for that. But we’re going to dive into our topic for today. Healthcare AI. AI enabled healthcare tools are revolutionizing the way healthcare services are delivered, improving efficiency, accuracy and patient outcomes ultimately. So we’re going to go through some key tools out there on the market. These are healthcare focused tools, medical institutions, biomedical research facilities. So the first one we have up here is IBM, Watson and Watson. Watson has been around for quite some time and it’s an AI tool that assists healthcare professionals in various ways, from cancer treatments to clinical trial matching.
Adam
And Watson Health analyzes structured and unstructured data to provide evidence based treatment options, helping doctors make faster, more informed decisions.
Gil
Well, IBM has been around forever and the name Watson has been, they’ve been using that brand for a while, but yeah, that this is a tool, I haven’t used this one in particular, but it’s a good one to start with because IBM is a stall work. They’ve been around for decades. So if somebody wants to check out their IBM, this enterprise studio is probably, well, it’s probably well developed because it’s so, it’s season. And a lot of the tools that you see out there today, Adam, they’ve been around just for a little while, right? Everyone’s trying to get their AI stuff out there, but this one sounds like it’s a more mature tool, so probably worth looking into that if you need that tool.
Adam
Yeah, definitely. And it does provide a business associate agreement to the users, the minimum necessary for healthcare data that’s being processed. So that’s good news there. And it’s aimed at enterprise level companies, pretty fair market share in the AI space when it comes to AI tool assistance for healthcare. They’re presenting a series of dialogues between various people and an AI assistant, and the AI tries to be helpful, polite, honest, sophisticated, emotionally aware and humble, but knowledgeable.
Gil
Okay, so it’s sounds like chat GPT, but a la IBM, right?
Adam
And I think it’s probably chat GPT. However, it’s trained on the proprietary data of the institution, probably eliminates certain compliance restrictions from using chat GPT, considering potentially, you know, external APIs, being unsure as to where the patient data is being shared. It also allows you to bring together AI builders. So it uses open source frameworks, tools for code base automatic, automated and visual data science capabilities, all in a secure, trusted studio environment. Allows you to tune foundation models for your business and manage the full AI lifecycle. With this tool, we will need only a quarter of the time compared to before to plan, write and publish an article that is IBM Watson. The next tool that we have for you today is Google, DeepMind. We are very familiar with Google. We’ve talked about Gemini before, and this integrates into Gemini, and I think it’s.
Adam
My understanding of this is that it’s combining the Google vast data center resources with the AI capabilities, and it applies machine learning algorithms to various healthcare tasks. One notable project is streams, a mobile app that supports doctors and nurses by providing real time critical information for patient care. DeepMind has also made strides in disease detection, particularly in areas like diabetic retinopathy and breast cancer. So, analyzing huge data sets, applying AI.
Gil
To it, right, yeah, that seems like Gemini is playing catch up, because as we all know, Chachi BT came out first, and Google is having to race to show that they also have AI. And they claim, oh, our AI is better. We just took a while to reveal it because we have liability. And what they meant by that is that chat, GPT, they’re saying, is an experimental tool, they just throw it out there. But Google is a mature product, and they don’t want AI throwing out a bunch of false information because people rely on their research they do on Google. So that’s how Google is explaining their position that, well, we can’t just throw it out there as an experiment, acute experiment, we have to make sure it’s very useful and good. And so I don’t know that I buy that story 100%.
Gil
I mean, I think they are behind and I think they are playing catch up to a certain degree. But the three platforms that we see, the OpenAI and Microsoft’s copilot and now Gemini, they’re all coming alongside these healthcare tools to augment the data, to be like an assistant. And I think that’s sort of the first iteration that we’re seeing of these tools. And later, as the market matures, we’re going to see other iterations. Once this one’s over, we’re going to see the next one and the next one on top of that. But this was the beginning, right? This is what we’re getting right now, is assistance to whatever tools exist today.
Adam
I think you’re right. These companies are definitely positioning themselves to be a combination of multiple services that are required in healthcare. So you’ve got the AI layer, but you’ve also got the infrastructure layer, the computing, the GPU’s and all that, and combining that into one resource so that the data can be secured and minimize the amount of transmission of data from one party to another. And Google, obviously, Google also offer a BAa, and DeepMind does apply to it. So that’s good news there. The third one that we got to review today, a little bit left field, so not as nowhere near as large as IBM or Google, who are giants in the tech space, but it’s developed by nuance, and it’s nuance Dragon Medical one. This, I think, is suitable for any number of any size of organization.
Adam
You can see here they’ve got pricing displayed. Get going with this. So very inexpensive. And it’s essentially a platform that utilizes AI to streamline clinical documentation. And it allows clinicians to dictate patient notes directly into the EHR systems using NLP, natural language processing, which can significantly reduce the time spent on paperwork. It’s a full stack application which allows doctors to communicate and interface with it and have AI work with them and feed things into the EHR, which seems very interesting.
Gil
Yeah, no doubt they’re using the voice to text capabilities that are built into these public platforms. So, yeah, this is a good use case as well, enabling the worker, in this case the transcription agent, to be able to transcribe more accurately and more quickly. That’s a good use case for it. Again, this is the starting blocks. We’re not seeing AI walk over and replace doctors and do diagnosis and surgery, although when I say that one of our customers has developed robotic surgical tools in surgery itself. So they use AI to be able to program their tools, their robotic tools, to be able to conduct actual surgeries. And the advantage of that is that the robot can be close to the patient doing the surgery, and the doctor can be in another country or another room.
Gil
And so you can imagine the implications of that, right? To be able to have some robot that can go to a place where humans don’t want to go, maybe it’s a battlefield or it’s just a dangerous area, not necessarily a battle, but something dangerous, and the robot can be inserted in that scenario and do a surgery, and then the AI and machine learning is all part of the formula to be able to get it, to program it, to do this surgery. So that’s pretty remarkable.
Adam
So we’ve reviewed a couple of the options out there. Gil, I know you also have been trying out some AI healthcare applications yourself, so could you share a little bit more info on that?
Gil
Yeah, let me give you a little background first. So my wife has a heart condition where her heart will race at times and it stays elevated for a prolonged time, and it can feel uncomfortable for her. And it’s a condition where the heart’s firing an electric signal. That’s normal, but now you have a double signal, so the two signals compete, and the heart gets elevated, as if at the same rate that you would have if you were running at a pretty good pace. But she’s not running. She’s just sitting there, and it stays at that level, so it can be tiring for her. So I bought this tool, which has some AI capabilities. This is a modern stethoscope. And what makes this modern is that it has, in here, it has some high fidelity speakers. So normally the stethoscope is just a tube, right?
Gil
But in this case, they put some high fidelity speakers here, and then on this end, they. There’s a sensor. So this is the part that you put against. This is the part where you can turn on and see the actual output. You can choose if this is going to be a pulmonary check or if it’s going to be both or a cardiac exam. And then you put these three probes onto the patient. And when I say probes, it’s like a normal stethoscope. You just put it on their chest like this. And then the AI part of it comes into play, because as the heart is being monitored, then you can see here, you’ll see the wavelength come up, and then it goes to the app, and then the app has AI built into it. We can start analyzing. What condition do you have?
Gil
What’s the problem? So not only can the doctor hear much better, because the stethoscope has high fidelity, augmented sound, but also you can see the heartbeat visually, and it goes to the phone, and the AI records it. You can send it to the doctor. Like, in my case, I’m not a physician, but I can record it. And then when the doctor’s examining Terry or wants to know about her condition, I can send him all the different recordings I have and the AI’s interpretation of what’s going on. Like the other day, I did it, and it says, oh, she’s got a heart murmur. And so it’s already detecting problems, and she knows she has a heart murmur. So we know this is working because it’s. It’s already been acknowledged and confirmed from her physician that she has a murmur.
Gil
But this is a tool I was able to get, again, AI enhanced. This is called Echo e K o, stethoscope. Yeah, there we go. The digital stethoscope. And pretty impressive technology, right? It is impressive. I think stethoscopes haven’t changed in 100 years. This is. This is all brand new. I don’t think. I don’t think it’s incremental. Like, oh, they got a little improvement, and now we’re. This is just revolutionary. All of a sudden, you go from the old to the new, and everything about this is novel. Now, it looks the same as a regular one, but it’s pretty powerful. But it’s. It’s impressive how you see right there on the little monitor, the display, the built in display, you can see, and that’s the one I have, the echo core 500. So I can see right on there.
Gil
And it tells you where to do the test. Like, it tells you where to hold the device, how long to leave it there for, and then at the end, it creates a PDF that I can. It records the sound, and I can send the PDF to the doctor with the full analysis. So, very interesting. So it’s a great example of where AI meets the medical practitioner right where they’re at. You know, this is a tool they use every day.
Adam
This is a great example of technology reaching a level where it can be used both by commercial institutions, but then also by retail.
Gil
Yeah, yeah. Well, most of these tools, this would be the doctor buying it themselves. The hospitals don’t typically buy these things for the doctor. Maybe they do these days, but I think this is a great tool. And, of course, a plug for Hipavault, since we’re securing medical data in the cloud. In this example, we would take the output from this, and then we would secure it in the cloud, because this is all cloud based. When I record this on my wife’s chest, in the heart rate, all that’s recorded, and it goes to the cloud. So that’s where the machine learning and the AI happens, and then that has to be secure. And that’s what Hippa vault does, is it works with the different platforms and protects that to meet the HIPAA compliance. But I think this is a great tool.
Gil
I mean, I bought this because I’m trying to help my wife. She’s frustrated. She got one of those heart rate monitors that the doctor say, oh, you’re having a heart problem. Wear this for a month. Of course, in that month, as luck would have it, she didn’t have an issue. And then when she returns it, like, the next day, she has the issue. So I’m like, oh, my gosh. So I bought this because this way I have it handy. And the moment she has an issue, I will use this device. I don’t need it. She doesn’t need to wear a monitor 24/7 so that’s where we’re heading. These are just small examples, but we can see the future, right? We can see everything’s being augmented by AI.
Gil
And then there will be revolutionary changes where we can’t necessarily foresee them all, but there’ll be much more monitoring of our bodies. A lot of people are wearing the aurora ring that checks your oxygen levels. I’ve been wearing a glucose monitoring device, and I also wear something on my wrist, the Garmin watch, that tracks all my vo two max capabilities, how much oxygen I can process while running. And, you know, all of this is interpreted, the algorithms are interpreted and created by the AI. And so we’re already seeing how much monitoring is starting to come around the corner that us humans can really rely on to understand our bodies more. And I think that’s, to me, that’s fascinating. I really, I really want to take advantage of that personally. Obviously, that’s why I bought this device.
Gil
But I’m very intrigued, and I want to take advantage of all of those AI enhanced monitoring tools for our body so that we can figure out what’s wrong with us, or not necessarily what’s wrong with us, but what can we do to maintain optimal health so we don’t get sick and we don’t have to go to the doctors often. Instead, we can be very healthy. We can see, I also have a blood pressure cusp that I wear and all of these tools I have, and every week I’m monitoring, and I see, okay, I know where I’m at, I know where my body is, and that, I think that’s point. Now, I’m not a doctor, but I still have the capability to monitor myself. Right? I have the ability to monitor myself. And I think that’s very powerful.
Adam
Yeah, no, that’s very, very promising for improving patient outcomes as well. I think. I think also important, the fact that users can affordably purchase these devices, because when an individual purchases a device, they’re taking on any risks of potential data breaches themselves. And that is very different to when a company uses a medical device that they’re using on behalf of their patients, because then HIPAA starts to apply as a covered entity, which we’ve discussed many times. And I think it’s going to take a while for AI compliance to catch up. There’s some news at a federal level, which is the White House released a, an executive order on the safe, secure and trustworthy development and use of artificial intelligence. Now it’s a, it’s a very long document, and we’ll, you know, we’ll link, we’ll link it in the show notes.
Adam
But one of the key items that was put forward was that chief AI officers need to be appointed to each federal agency, and this is required by May 28. So that is a very strong statement as to, you know, where policy and compliance is going when it comes to AI. As with all things, as soon as that enforcement gets put in at the top, it’s not very long before the compliance gets spread across to commercial beyond the government level. I think we’re going to see a lot of developments on, in the next year or two.
Gil
Well, the regulation is not my favorite topic because philosophically, I believe the government puts their fingers in too many places that doesn’t belong and they’re inefficient. But no, there’s always, yeah, there’s always a balance. I mean, there are cases people will show you. Oh, but what about when the government helped when kids were working in the sweatshops and they shouldn’t have been? And so you can always point to a few cases where the government did something good, but for the most part, they end up just driving the costs up very high and they end up kind of getting in the way, let the market drive it. But I can see the government wants to get their spin on it and figure out what to do, and they’re forcing these agencies to get an AI officer.
Gil
If that’s, I don’t know if that’s the right solution. I don’t really know the objective, but maybe we should talk about this in a, in the next podcast. It would be an interesting topic to explore.
Adam
Absolutely. Thanks for sticking around for this long. We appreciate your support on the Hippervolt show. Please do share it with your friends and give us a like and subscribe to our YouTube channel or the podcast. And if you’ve been listening so far, we’ll make sure to include links to all the resources that we’ve talked about in the show notes below. Our final segments of the day is our breach of the week. So we’ve been following the United healthcare breach for a couple of weeks now, and it just gets juicier and juicier. Gil, give the listeners and viewers, some updates. So last week, the United Health CEO testified before the Senate on cybersecurity attack against change healthcare.
Adam
Yeah, I think the last time I watched something on C SPAN, I really can’t remember the last time, but I actually watched this whole video that gives you an insight into my life. I had a beer and listened to this on a Friday night. Gill. And it was basically the CEO being grilled by a bunch of senators. The, the chairman, Senator Ron Wyden, I think, of Oregon, was, yeah. Really putting a lot of questions to the CEO. Andrew Whitty, a couple of takeaways. A great soundbite from Senator Wyden was credit monitoring is the thoughts and prayers of data breaches, which I thought was great because obviously, whenever a data breach happens, Gil, we’ve talked about this on many episodes. That’s, that’s what is usually put forward.
Gil
As a mitigation step.
Adam
Yeah, yeah. A mitigation step. And, yeah, he said credit monitoring is the thoughts and prayers of data breaches in terms of information that came to light. Andrew Witty shared information that multi factor authentication was not enabled on the environment that was breached also did not have access to the logs which caused which meant that they were unable to act as quickly as they would have been able to do if they were able to access the logs in the system. There was no proper redundancies. The ATT and CK actually locked up the backup systems. Typically what they do in these circumstances is if a system goes down, they’ll have backups that they can go spin up new systems for and reload those backups into new systems and they get forward.
Adam
That’s why it was basically offline for weeks because they, the intruders had been in the system for like 100 days and they’d gotten full access to everything. So they locked down the backups as well. So do you know which nation state.
Gil
Was taking responsibility for the attacks? I just saw on the video you’re showing, they did mention a nation state attack, which could be any nation. But you typically, you see the big names like Russia, China, those countries, Romania.
Adam
There was not a specific country that was singled out. However, I think what they were commenting on is that they believe it was at the nation state level, which I think we already knew. But. Yeah, yeah.
Gil
What did they pay out for this? Do you remember?
Adam
The ransom they paid was 22 million to the ransomware group. Yeah. So that’s just the ransomware. Another thing that came to light after this was that they’re self insuring. So they didn’t have cybersecurity for this.
Gil
Yeah, they just paid the money from their own pockets. Well, it worked. Most companies wouldn’t have 22 million in cash sitting around. Most small companies didn’t. But they’re big enough and deep pocket. So it did work for them, that self insurance. They were able to say, well, 22 million, no problem. Here you go.
Adam
Yeah, yeah. But, I mean, we’re not done yet.
Gil
Yeah, no, I know. You wonder, well, why don’t they just.
Adam
You know, what is it they spent only. They spent $300 million a year on cybersecurity.
Gil
Well, maybe I’ll have to watch this video later on.
Adam
So that’s. Yeah. That’s our update on the breach of the week. If you have any more information that you’d like to share, feel free to reach out to us at podcast@hipaavault.com. And let us know if there’s anything that you’d like us to discuss on future episodes. We’re always looking for new topics to explore and research for you. And until next time, thanks for stopping by.