Cybersecurity Framework for Synthetic Data in Training Medical AI

The development of medical artificial intelligence is dependent on the availability of vast quantities of data, a considerable proportion of which is medical data containing sensitive information pertaining to the health and well-being of patients. The use of such data is subject to extensive legal...

Full description

Saved in:
Bibliographic Details
Published in:European journal of risk regulation 2024-12, Vol.15 (4), p.903-911
Main Author: Greser, Jarosław
Format: Article
Language:English
Subjects:
Access
Algorithms
Artificial intelligence
Cybersecurity
Data
Datasets
Legislation
Machine learning
Medical education
Medical supplies
Natural language processing
Prohibition
Regulation
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The development of medical artificial intelligence is dependent on the availability of vast quantities of data, a considerable proportion of which is medical data containing sensitive information pertaining to the health and well-being of patients. The use of such data is subject to extensive legal regulation and is further hindered by financial and organisational constraints, which can result in limitations on accessibility. One potential solution to this problem is the use of synthetic data. This article examines the potential for their use in light of cybersecurity requirements derived from horizontal and sectoral EU legislation. The outcome of this analysis is that EU legislation does not contain specific regulations on the use of synthetic data. Consequently, it cannot be concluded that there is any prohibition on their use. Moreover, while the Medical Device Regulation (MDR) contains some general requirements for cybersecurity, these are further specified by the provisions of the AI Act. It is important to note, however, that the AI Act will not apply to Class I medical devices, which are subject only to the MDR. Furthermore, only indirect obligations within the scope under consideration can be derived from the horizontal regulations, which will apply in a limited number of cases.
ISSN:1867-299X
2190-8249
DOI:10.1017/err.2024.74