Privacy & Security
AI-ming for Better Healthcare: Legal Issues in Healthcare AI Usage
Artificial intelligence (AI) is a simulation of human intelligence that is subsequently processed by machines. It has revolutionized the healthcare space by improving patient outcomes in a variety of ways. It has also begun to leave a positive impact in health systems and hospitals as healthcare worker burnout remains on the rise. However, there are significant legal challenges that accompany its groundbreaking nature. Hospitals and health systems have a duty to mitigate these legal challenges and understand that AI should be used as a supplement, not a replacement, to human intelligence.
Kraken Settles with the SEC in a $30 Million Deal
Sophie Shapiro Associate Editor Loyola University Chicago School of Law, JD 2024 Kraken will pay $30 million to settle SEC (Securities and Exchange Commission) allegations that it broke the agency’s rules with its cryptoasset staking products and will discontinue them in the United States as part of the agreement with the regulator. What is Kraken? …
ChatGPT Artificial Intelligence: Cybersecurity Risks and Ethical Concerns
From “Fake news” to misinformation and Bots; it has become overwhelmingly challenging to authenticate information on the internet. This has not stopped the evolution of technology as innovators compete to be on the cutting edge of the latest software. OpenAI is an artificial research and deployment company that is responsible for the launch of ChatGPT in November of 2022. The newly released artificial intelligence chatbot is trained to generate realistic and convincing text. The software was fed human literature and internet language enabling it to create a body of text within the parameters of the prompt presented. With more than 1 million users, it has gained traction across the masses. However, the natural language processor has sparked controversy over cybersecurity threats and ethical concerns in its usage.
Kidnapped Data: Healthcare Ransomware Attacks
Ransomware attacks are one of the largest threats to the healthcare industry and a tough cybersecurity problem to address. From 2016-2021, there were almost 400 ransomware attacks on healthcare organizations in the US. It is estimated that such attacks exposed the personal healthcare data of over 40 million patients. Since these attacks cannot typically be resolved without paying the ransom, it is important to invest in preventative measures to protect healthcare data from potential breach.
The Case for Expanding Privacy Protections in a Post-Roe World
In Dobbs v. Jackson Women’s Health Organization (Dobbs), the US Supreme Court ruled that abortion is not a fundamental right protected by the Constitution. This decision resulted in additional abortion protections in California, Michigan, and Vermont, and prompted many patients, providers, regulators, and tech companies to rethink data privacy. However, because most abortions are still banned in at least 13 states, this patchwork of state abortion laws, combined with the lack of any sufficient national privacy law, puts patient privacy at risk.
The Downfall of Twitter: Layoffs Rocking Big Tech
Over the last several weeks we have seen mass layoffs across big tech, including Salesforce, Twitter, and Meta. This comes after big tech peaked during the COVID-19 pandemic when it was essential to the nation in keeping us virtually connected. During the lock down tech giants’ profits soared as consumers upgraded devices, maximized increased storage, and were forced to get creative in communicating in the workspace. However, inflation, rising interest rates, and digital spending are driving big tech companies to implement large-scale layoffs as the economy prepares to take a downturn. While Meta CEO, Mark Zuckerberg, described the announcement as one of his hardest decisions, Twitter CEO, Elon Musk, has taken a different approach, causing continuous chaos that has led to compliance risks.
Federal Trade Commission Accuses Chegg of “Careless” Data Security
On Monday, October 31, the U.S. Federal Trade Commission (FTC) called on education technology provider Chegg, Inc. (Chegg) to bolster its data security, citing lax security practices that regulators said exposed the personal data of more than 40 million Chegg users. The exposed personal information included names, email addresses, passwords, and for certain users, sensitive scholarship data such as dates of birth, parents’ income range, sexual orientation, and disabilities.
The Need for Federal Regulation of Tracking Pixels to Protect Patient Data
In June 2022, a nonprofit news site called The Markup released a report stating that hospitals using Meta Pixel may be releasing patient data to Meta Platforms, Inc. (previously Facebook, Inc.). Since this report was released, many of the hospitals identified in the report removed pixel technology from their websites. In addition, some hospitals have released public breach notices and reported potential data privacy breaches to the US Department of Health and Human Services (HHS) Office of Civil Rights (OCR). Most recently, on October 20, 2022, Advocate Aurora Health, a large health system located in the Midwest, released a notice publicly announcing its potential pixel breach, which may affect as many as three million patients.
Twitter Whistleblower Exposes FTC’s Ineffective Efforts to Protect User Data
Danielle McNamara Senior Editor Loyola University Chicago School of Law, JD 2023 In July 2022, former Twitter board member Peiter Zatko filed a complaint against Twitter, alleging that the social media platform failed to develop a security system consistent with the Federal Trade Commission’s (FTC) requirement to implement a comprehensive information-security program, established in 2011. …
A Collaborative Effort in Defeating Healthcare Cyber Attacks
In an effort to improve cybersecurity in the healthcare sector, a bipartisan bill was introduced in Congress on September 13, 2022, by Republican Brian Fitzpatrick of Pennsylvania and Democrat Jason Crow of Colorado. The Healthcare Cybersecurity Act relies on a partnership between the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS) to work together in improving cybersecurity in the healthcare sector. The Act has been introduced as a result of record high increases in health data breaches across the country over the last several years. The goal is to provide resources for training and heighten efforts taken across the nation to mitigate cybersecurity risk. The Act would not only improve patient care but save healthcare cost by taking a proactive approach.