uhpo34t

1. AI, big data and the protection of
personal data in medical practice
Emmanuel Salami, LL.M.
Esalami@ulapland.fi
U N I V E R S I T Y O F L A P L A N D
F A C U L T Y O F L A W

2. Introduction
EDUCATIONAL & PROFESSIONAL BACKGROUND
 LLB Law - University of Lagos.
 LLM IT and IP law - Leibniz Universität Hannover.
 Doctoral Candidate, IT/data protection and IP law - University of Lapland.
 Privacy Manager – HERE Technologies.
RESEARCH INTERESTS
 The intersection between IT/data protection and IP law in the use of various emerging
technologies.
 Data protection compliance.
 Intellectual property rights protection of AI systems.
 Data ethics.

3. Table of content
1. What is AI? What is big data?
2. Uses of AI in medical practice
3. Data protection concerns and remediation actions in the use of AI in medicine
4. Other recommendations
5. Concluding analysis

4. What is AI and big data?
 AI is intelligent behavior (in computers) through the ability to achieve human-level performance in all cognitive
tasks, sufficient to fool an interrogator. The key test of computer intelligence is when the results generated by
the computer cannot be distinguished from those of its human counterparts – Turing.
 AI is “the study of agents that exist in an environment and perceive and act - Russel and Norvig.
 Strong AI vs Weak AI.
 AI uses big data sets to learn from its experiences (machine learning)
 Three Vs’ definition of big data where ‘Volume’ relates to massive datasets, ‘Velocity’ relates to real-time data
and ‘Variety’ relates to different sources of data -Laney,
 Big data is difficult to process using traditional processing methods.

5. Uses of AI in medical practice?
Descriptions
 Disease diagnosis and prediction e.g – AI examines echocardiograms and classifies heart conditions.
AI also predicts the possibility of suffering conditions such and predicting who is more likely to have
what disease. AI has correctly predicted 355 cases of heart attack better than human medical doctors.
 Telerobotic surgeries and robot-assisted surgeries – Surgeries are carried out with the aid of robotically
controlled instruments through which coronary intervention can be undertaken by a doctor without any
physical contact with the patient. (Operation Lindbergh, 2001).
 Genomics – AI is being used to make specific changes in the DNA sequence of human beings (gene editing)
to remove certain traits therefrom and insert new traits. AI is cheaper.
 Drug discovery, development and repurposing – AI analyses available data and identifies good target
proteins (drug discovery). Drug repurposing is the application of an approved drug for the treatment of a
different disease by using AI to evaluate the approved data of drug molecules to meet new targets. AI
accesses the sensitive personal data of patients in the process.
 Clinical trial – AI helps in the selection of candidates in determining the potency, side effects, etc. of new
drugs.

6. Data protection concerns and remediation actions
in the use of AI in medicine
Concerns Description Remediation actions
 Lawfulness and transparency principle  Necessity of processing,
 ‘Anonymised‘ genetic data,
 Data repurposing,
 Transparency becomes more difficult
because of the above.
 Thorough anonymisation and review of
anonymisation in genetic data.
 Assess and ensure strict compliance with
Article 6(4) GDPR?
 Provision of proper information
 Decision making algorithms  AI is determining people’s fate – who
is healthy enough for certain jobs for
instance but little or no explanation
because of black boxes, opaque
algorithms, human supervision? etc.
 Data protection by default and design to
ensure AI is designed to provide adequate
explanation,
 Human intervention must be established.
 Data security and data access  Use of (personal) data in test
environment,
 Data passes through more non-
medical personel like information
security experts.
 Where possible, avoid the use of personal
data in test environment,
 Adequate technical and organizational
measures,
 Restrict data access on a strictly need to-
know-basis.

7. Data protection concerns and remediation actions
in the use of AI in medicine
Concerns Description Remediation actions
 Discrimination of data subjects  This could be caused by the use of
biased data,
 Non-standardisation in the
development of algorithms which
encourages the reflection of the
biases of developers and engineers
in AI.
 The US example where people of
colour were erroneously and
unlawfully exempted from medical
benefits.
 The need for more standardizations and
codes of conduct. Mittelstadt analogy on
Doctors vs patients and AI developers vs
end users,
 Algorithms (and non-personal data)
should be accessible to researchers and
stakeholders for auditing.
 Data Transfers  Data transfer outside the EU. For
instance- the first telerobotic surgery
‘Operation Lindbergh’ was carried
out on a patient in France while the
medical team was located in the
USA.
 Ensure compliance with data transfer
rules.

8. Other recommendations
Descriptions
 Accountability of AI developers in medicine: Mittelstadt analogy on doctors vs patients and AI developers vs end
users,
 Hippocratic oath for AI developers: ”proactively understanding the ethical implications of technology for all
stakeholders, telling the truth about the capabilities, advantages and disadvantages of a technology,
and acting responsibly in situations which are morally challenging“ - Rothstein
 AI developers in medicine should be held to a standard as high as those of medical doctors. A sensitive and highly
regulated endeavour like medicine cannot be a test ground for AI.

9. Concluding analysis
 What are the key take away points?
 AI should support and not replace doctors,
 AI in medical practice should be closely monitored,
 Stakeholder participation in medical AI regulation is key.

10. THANKS FOR YOUR
ATTENTION!

11. Feedback and reviewer comments