Outsourcing AI and Deep Learning in Healthcare: Protecting Data Privacy

Jonathan Martin, EMEA Operations Director at Anomali, highlights how artificial intelligence and deep learning are transforming healthcare by delivering actionable insights. Open‑source frameworks such as Theano, Torch, CNTK, and TensorFlow enable accurate predictions for conditions ranging from cancer to cardiovascular disease based on imaging and clinical data.

Integrating AI into medical workflows is not optional—it is a strategic imperative. Yet, the path forward is strewn with challenges, notably a chronic shortage of technically skilled professionals. While cybersecurity talent could fill this gap, the supply of qualified experts lags behind demand across the industry.

Adding to the complexity is the requirement for access to Personally Identifiable Information (PII). PII is a prized target in cyber‑attacks, making its protection paramount. In 2019, the National Health Service (NHS) partnered with DeepMind, a subsidiary of Alphabet/Google, to analyze 1.6 million patient records—including blood tests, diagnostic imaging, HIV status, and prior medication history—raising serious privacy concerns.

The WannaCry ransomware incident underscored the devastating impact of a single breach on national health infrastructure. Despite such risks, the potential benefits of AI remain too significant to ignore. The solution lies in building robust technical capacity in‑house and enforcing stringent data‑handling protocols.

Key safeguards include:

• Redaction and pseudonymisation – Strip all PII before data leaves the organization. Only a trusted partner should hold the mapping between patient identifiers and their pseudonyms.
• Removal of semi‑sensitive attributes – Geographic location or other contextual data can inadvertently enable re‑identification and should be omitted unless absolutely necessary.

These practices reduce risk but are not infallible. A Carnegie Mellon University study revealed that social security numbers could often be reconstructed from seemingly innocuous fields like birth date and gender, demonstrating the limits of conventional de‑identification.

Emerging technologies such as federated learning and homomorphic encryption promise stronger privacy guarantees. Federated learning keeps raw data on premises while aggregating model updates, whereas homomorphic encryption allows computation on encrypted data without decryption—effectively eliminating the exposure of PII.

Although these solutions are still maturing, the healthcare sector must strike a balance between harnessing AI’s transformative power and safeguarding patient confidentiality. Ongoing investment in skilled personnel, secure architectures, and privacy‑enhancing techniques will be the cornerstone of responsible AI adoption.

Author: Jonathan Martin, EMEA Operations Director at Anomali