Industries across the board are adopting artificial intelligence (AI) and machine learning – by 2025, the market for AI solutions for the healthcare industry are predicted to increase from $1 billion to $34 billion. But what does this mean for healthcare? With its ability to empower IT and security professionals by detecting threats like drug diversion and identity theft, machine learning for healthcare security is becoming a vital way to transform the lives of both clinicians and patients.
What are the benefits of implementing machine learning for security? With its ability to leverage massive quantities of data, machine learning is an especially effective tool. Machine learning is a facet of AI that mimics human behavior, learning from vast amounts of information to make decisions the way a person would – but with considerably more speed and efficiency. The advantages of implementing machine learning for security include:
1. Increasing efficiency
One key use of machine learning is streamlining workflow for security professionals. Although there is concern that AI and machine learning replace valuable members of the workforce, it can be used to empower professionals when used ethically. In a Ponemon study, 75% of providers stated that their IT security personnel are understaffed. With 50% of healthcare organizations planning to adopt artificial intelligence in the next four years, AI and machine learning can help CISOs and security teams fill in gaps to provide a safer experience for patients.
“Automation doesn’t mean the elimination of people, it means the re-deployment of people to do the work that can’t be automated.” – David Finn, Executive Vice President of Strategic Innovation for CynergisTek
Machine learning can also save time by reducing false positives. While monitoring patient record access for privacy and security incidents is vital, analyzing a large volume of false positives is time-consuming for CISOs and security teams – especially when incident alerts reach into the hundreds or thousands. However, machine learning algorithms can rapidly document and close false positives by identifying how similar alerts have been handled in the past. As a result, security officers can feel confident that the incident alerts they evaluate are true violations.
2. Detecting anomalous behavior
Machine learning can be used to detect unknown and potentially risky behaviors – user actions that deviate from the normal workflow – which helps to accurately pinpoint potential security risks. A full lifecycle patient privacy platform equipped with machine learning would look across user activity and workflow, clustering these items while identifying users who fall far enough out of bounds that they could be considered anomalous. Examples of anomalies include:
- Identity theft
- Sale of medical information
- Workflow anomalies like accessing data from unexpected locations or at unusual hours
- Drug diversion
- Compromised credentials
- Suspicious patient activity/VIP access
3. Predicting cases of drug diversion
Plaguing hospitals throughout the United States, drug diversion poses an alarming security risk. Not only is it dangerous for facilities, patients, and the drug diverters themselves, it’s also costly to remain unprotected. With its keen ability to predict behavior, machine learning can help identify people who might be at risk for opioid addiction. In 2018, more than 115 people died each day from prescription opioid overdoses. For the most part, people are diverting drugs not with malicious intent, but because they struggle with addiction.
“There are very few instances where drug diversion is made for financial gain. In the vast majority of cases, it’s addicts feeding their own addiction.” Commander John Burke, President of Pharmaceutical Diversion Education
Consequently, using AI to identify those at risk for opioid use and drug diversion allows hospital staff to seek help for care workers who struggle with addiction, potentially saving lives in the process.
4. Preventing identity theft
Identity theft is a serious threat to the healthcare industry – on average, medical identity theft totals about $41 billion per year in the United States. With the rise of electronic health records (EHR) to store medical data, which can fetch a high price among identity thieves, the healthcare industry has become vulnerable to hacks such as phishing, ransomware, and social engineering.
Machine learning can stop identity theft in its tracks by using algorithms to identify and monitor inappropriate access of personally identifiable data (PII), which is a red flag for potential identity theft. If a user accesses and downloads thousands of records when they typically access 10 per day, machine learning can detect that behavior and alert security personnel so that they can investigate and take appropriate action.
Although a controversial subject for some, machine learning has the potential to lead to positive change for healthcare. With its ability to detect anomalous behavior, drug diversion, and identity theft, machine learning can prevent breaches while protecting the security of patient data – fostering a culture of privacy and security while nurturing overall trust and care.