Data Privacy Clashing with Demand for Data to Power AI Applications

0
66



Data Privacy Clashing with Demand for Data to Power AI Applications 1
The form on the right is GDPR-compliant because it asks the user to deliberately opt-in to receive messages from the company.

By AI Trends Staff

Your data has value, but unlocking it for your own benefit is challenging. Understanding how valuable data are collected and approved for use can help you to get there.

Two primary means for differentiating audiences by their data collection methods are site-authenticated data collection and people-based data collection, suggested a recent piece in BulletinHealthcare written by Justin Fadgen, chief corporate development officer for the firm.

Site-authenticated data are sourced from individual authentication events, such as when a user completes an online form, and generally agrees to a privacy policy that includes a data use agreement. User data are then be combined with other data sources that add meaning, becoming the basis of advertising targeting for instance. In marketing for healthcare, this is the National Provider Identifier (NPI), a 10-digit numeric identifier for covered healthcare providers under HIPAA.

People-based data collection does not come from a registration, but from a variety of sources that could include data licensing, research, and manual verification. These data can be loaded onto a data management platform, which aggregates data from various sources into likely groups using data science. The goal is to provide an anonymized ID to individual users. These then can be individually targeted.

People-based data may not be friendly to individual-level reporting, also called physician-level reporting. This is because no privacy policy has stipulated how the data are to be used.

National Health Service of England Seeking to Monetize Data

Efforts to monetize patient data of the National Health Service (NHS) of England further emphasizes the value of your data. Sensyne Health, a for-profit company, is working to get divisions of the NHS to put patient information into a database. The NHS has 71 years of patient data. In recent years, it has worked to collect patient DNA data for research.

Sensyne’s initial goal, according to an account from Bloomberg, is to gather information on five million NHS patients. Ultimately, said Paul Drayson, the former UK science minister who founded Sensyne, the company hopes to get access to all 55 million members of NHS. EY consultants estimate those data might be worth $12 billion annually, money NHS could apply to patient care and health. Sensyne has so far signed up six of 150 hospital divisions in the NHS. Each division, or trust, receives Sensyne shares worth some $3 million.

The potential value is of interest to the UK government, especially with Brexit injecting more uncertainty into the economy. “How the NHS works with the global life sciences industry is key to the health of the nation,” Drayson stated.

Other groups are looking data as a business model. Intermountain Healthcare of Salt Lake City recently announced a partnership with Amgen to study the genomes of half a million patients. Israel is working on commercializing its patient health records in a $300 million program. Nebula Genomics is among companies who broker individual patient DNA data to buyers in the health industry.

GDPR in European Union Enhances Individual Privacy Protection

New privacy laws in Europe increase protections on patient information. According to polls, UK residents are willing to share data if it is invested back into healthcare, but they worry it will get into the wrong hands. Any citizen has the right to block sales of her or her data.

The General Data Protection Regulation (GDPR) that went into effect in the European Union in May 2018 specified some rules around data permissions. Customers must now confirm that they want to be contacted, according to an account in SuperOffice. A default checkbox that automatically opts a customer in will not comply; opt-in needs to be a deliberate choice. SuperOffice has modified its web forms as a result.

The GDPR says the customer has the “right to be forgotten,” to have outdated or inaccurate information removed. This gives individuals a way to gain more control over how their data are collected and used. This can be implemented with an unsubscribe link in email messages, and links to customer profiles that allow users to manage their email preferences.

Fines for violation of GDPR privacy rules can be hefty, including $90,000 to a company that sent email to 3.3 million customers that had opted out of its lists.

As companies pursuing AI and machine learning solutions race to get the data needed to make their applications work, we can see some challenging moments.

Contribute Your Face to Google Database, Earn $5

For instance, seeking to ensure its facial recognition image database is more diverse, Google recently began offering black homeless people in Atlanta $5 vouchers to submit their faces to the database, according to an account in TheRegister.

With images of white men dominating its database, Google hired contractors to offer vouchers to people to record their faces. The temporary agency Randstad was told to target people with darker skin. Some were homeless living on the streets in Atlanta. Participants may not have been explicitly told what their images would be used for. When the word got out, it did not go over well in some circles. Atlanta City Attorney Nina Hickson wrote a letter to Google’s chief legal officer Kent Walker, asking the company to explain why the company was targeting “vulnerable populations” in Atlanta. The project was suspended. Google wanted to use the dataset to train a facial biometric system that can unlock its upcoming Pixel 4 smartphone.

See the source posts in BulletinHealthcare, Bloomberg, SuperOffice and TheRegister.



Read More

LEAVE A REPLY

Please enter your comment!
Please enter your name here