Healthcare organisations' compliance with Data Protection and GDPR

Problems and Difficulties faced when trying to comply with GDPR

Difficulties complying with data protection and GDPR and consequences.

AI has been implemented positively in the healthcare industry for many different treatments, such as screening X-rays. However, with the fast growth of AI, it can be difficult for healthcare organisations and governments to keep up with its innovations, so its usage within healthcare organisations is still limited. This is due to the following challenges:

AI tools are typically created for hospitals by third-party companies, who gather data from hospitals to create these tools. This could raise some issues, as patients may not be aware of how their data has been used by these companies and therefore may not be aware that AI tools have been created using their data. Furthermore, it can be hard for patients, who are the data subjects, to get in touch with third-party companies. Hospitals might therefore need to get involved in any dispute between third-party companies and patients, as they are the data providers.

AI can raise concerns around trust amongst many patients. By law, where artificial intelligence is used to process personal data in order to make decisions, data subjects (patients) can ask for human control by asking doctors to reprocess the data manually.

Furthermore, some acts are not clearly defined by the government, so it is not clear how healthcare organisations should go about keeping data safe. This normally occurs because AI is growing rapidly and hospitals have to take multiple rules into account at once, which can make the rules confusing or ambiguous. Breaches are also a big problem within healthcare and pose many safety risks for data protection. There are many types of breaches, including:

  • Staff communication: communication breaches typically involve ineffective communication between staff, which can lead to confusion and mean that tasks surrounding data protection are not completed properly.
  • Postage: information can be stolen while it is being passed on, for example when letters are not sent, delivered or disposed of in a secure manner.
  • Email: data can be stolen through hacking, so trusts must ensure they follow certain procedures, including encryption and using the standard email addresses provided by the hospital. Further security is given to hospitals through safe and secure Wi-Fi which has a secure IP address.

Why do they face these difficulties?

There are two main reasons as to why organisations face these problems:

  1. Big organisations can have millions of patients overall, with thousands of patients and staff onsite at one time. This means that they hold millions of patient and staff records, which may be hard to manage and organise. It can be tremendously hard to organise vast amounts of data, which can lead to breaches if the data is not maintained properly, so it is important for organisations to have extra staff particularly focused on managing data. Also, because digital advances are quite a recent development, many old data files may not have been fully updated onto systems.


  2. Staff members also need to be given constant and effective training, which is essential to ensure that staff are fully aware and prepared to manage data confidently without putting anyone at risk. The responsibility is on the organisation to provide constant training that updates staff on changes made by the government, and to test staff to ensure that they remember the rules and regulations surrounding data protection.

Recommendations