Artificial intelligence (AI) is already being utilized in many pharmacies in areas such as inventory management, phone systems and adverse event prediction. Another area where the technology can really make a difference is in patient privacy and preventing data breaches. However, before implementing AI, the technology must be heavily scrutinized and understood by its end user.
Crystal Riggs, PharmD, senior vice president of pharmacy services at Curative, an employer-based health insurer based in Texas, noted independent pharmacists must be vigilant about protected health information to preserve privacy and prevent data breaches.
“Pharmacists would have to use de-identified information when analyzing [data], use the minimum necessary rule, and be mindful of any patient identifiers when processing information through AI tools,” she said. “The profession is highly regulated, and pharmacists must be aware of how they are using data. Cybersecurity is also an ever-present threat to businesses. Pharmacies must have proper safeguards in place to combat these issues.”
Patient privacy is especially important in the pharmacy space, and AI can be a huge asset to protecting it. Pharmacies must utilize systems that detect abnormal patterns or potential data breaches while keeping patient information confidential. AI-assisted tools are increasingly being utilized by pharmacies for their privacy protection capabilities; they can review data logs and detect unauthorized access attempts, as well as alert pharmacy personnel to suspicious activities.
By implementing robust encryption algorithms and secure data storage systems, pharmacists can ensure that patient information remains confidential and protected from unauthorized access. AI can also be utilized to detect anomalies in data patterns and identify potential security threats, enabling proactive measures to be taken to mitigate risks.
Bryan Shaw, PharmD, senior director of pharmacy analytics and informatics for healthcare service company Vizient, explained that AI operates using large data sets, making it essential to understand exactly what data is necessary to provide the AI model and to ensure that the data fed into the model is stored safely and securely.
“Pharmacists should not share data [with] AI solutions that are either accessing unknown sources or are unknown to any degree as these solutions do not guarantee that the data is safely and securely held and do not meet regulatory requirements for patient confidentiality, or the requirements of their organization from a legal or ethical consideration,” he said. “Instead, pharmacists should seek out AI solutions that take safety and privacy requirements into consideration.”
Organizations typically have internal policies that govern the use of external AI platforms so pharmacists should consult those resources or look to organizations already employing such policies to determine if they need to establish their own criteria.
AI itself can directly preserve privacy and prevent data breaches by recognizing “regular” or “normal” data usage behavior through continuous evaluation in real time and therefore identify any outlier behavior that deviates from the norm. Once abnormal behavior is identified, the proper teams can be alerted to then determine what the next course of action is.
“Because AI requires and drives large data sets, the ability to identify and alert abnormal data usage is especially important to prevent hackers accessing the data as the information is quite sensitive and valuable,” Shaw said.
Another way AI can be used is through development of chat bots that can help patients with common requests such as refilling prescriptions, asking for store hours, and checking if their prescription is ready. Patients perceive more privacy with chat bots because of the minimal human interaction. However, inquiries such as for medical advice should always be handled by the pharmacist or another provider.
“The chat bot functionality allows simple interaction with patients and frees up time for the healthcare providers (pharmacists included) to handle truly complex requests, but patients may have hesitancy conveying simple personal information to a human being due to perceived sensitivity barriers and anonymity issues,” Shaw said.