Posted: 07 May 2019 4 min. read

In the future of health, risk is inevitable…and we should harness it

By Amry Junaideen, Risk & Financial Advisory Life Sciences and Health Care leader, Deloitte & Touche LLP

Imagine what our health system might look like two decades from now. Artificial intelligence (AI), machine learning, open platforms, and radically interoperable data could open doors to previously inaccessible knowledge. The ability to tap into massive data sets might make it possible for pharmaceutical companies to conduct clinical trials—without patients—by modeling key traits. It could allow consumers to identify and treat illnesses at home—long before symptoms surface.

Now imagine that same technology being used by cybercriminals for nefarious purposes. Digital tools, for example, might help them evade security systems and launch sophisticated AI-enabled cyberattacks. In response, life sciences and health care organizations should do what they can to make their systems resilient. At the same time, they should determine how to take advantage of the inevitable risk that comes with advancing technologies. In our increasingly digitally connected ecosystems, the ability to meet risk head-on could create a competitive edge.

Our new report, Harnessing opportunities and managing risk in the future of health, explores these opportunities.

Risk should be a part of long-term planning, but often isn’t

Risk should be a part of the conversation any time long-term business strategies are discussed. I’ve found this often isn’t the case. The return on investment (ROI) for managing risk can be difficult to quantify. Organization leaders should be able to articulate the value of any decision, whether it is a strategic decision, or a decision related to risk. Consider a physician practice that is thinking about launching a line of business around telehealth. While this new business could attract new patients, improve the customer experience, and create a new revenue stream, it also could open the practice up to new risks unless proper cybersecurity and data privacy controls are implemented.

Before moving into a new line of business, stakeholders should compare the risk potential to the expected ROI. Organizations that can build an integrated cybersecurity approach will likely be better positioned to effectively harness valuable health care data, thwart potential security threats, and digitally enhance the patient experience. The ability to manage risk could become a competitive advantage by enhancing customer and market perceptions.

Six strategies for harnessing the future of risk

With vast amounts of digital data being generated by and about consumers—through always-on sensors, apps, and connected medical devices—cybersecurity risks are certain to increase. Organizations that implement strong data quality and security strategies are more likely to gain the trust of patients, regulators, and ecosystem partners. Here are six strategies that could help life sciences and health organizations harness some of the opportunities generated by risk:

  1. Establish partnerships with other stakeholders: Close collaboration with ecosystem partners could make it possible to develop robust, end-to-end cybersecurity programs that get smarter over time. This could create more confidence among all participating ecosystem partners.
  2. Incorporate security features as early as possible: Features that can protect data and circumvent risk should be included across the lifecycle of a product or service—from design to implementation. Such features should be tested before the new devices and technologies are added to existing infrastructure.
  3. Determine who is responsible for ensuring data security: Organizations should ensure all employees are aware of potential vulnerabilities. Roles and accountability related to cybersecurity should be clearly defined. This should include extended enterprises, where driving cybersecurity is especially critical.
  4. Counter risks associated with newly interoperable systems: In a more collaborative ecosystem, an understanding of dependencies and connected software and systems could help reduce attack surfaces and create a more resilient network.
  5. Invest in smarter access-management systems: This might include behavioral tools that can monitor and model actions of employees and business partners and escalate risky behaviors.
  6. Track infrastructure vulnerabilities: Organization leaders should establish real-time monitoring mechanisms, and they should participate in cybersecurity consortiums to stay up to date with vulnerabilities in technology infrastructures.

AI-enhanced decisions are not without risk

Cyberattacks are only one type of risk health stakeholders might face as we move toward the future of health. There are also risks tied to sophisticated algorithms that we expect will become more common. AI and intelligent automation could help health care stakeholders analyze massive data sets to improve diagnostics, care and delivery processes, and drug discovery. Rather than making decisions based on a gut feeling, predictive and prescriptive data analytics and machine learning can generate science-backed decisions. However, the black-box nature of self-learning algorithms can be difficult to understand and manage. They are not yet foolproof and can be prone to human biases and faulty assumptions. Incorrect or inadequate training data, unsuitable modeling techniques, and incorrect interpretation of algorithmic outputs can increase the risks in using them effectively.

For example, an organization could face financial losses, or a damaged reputation, if analytical models rely on inaccurate or unreliable data. Inaccurate data could threaten patient safety if it leads to incorrect diagnoses. Moreover, inaccurate models might also mean time and money needs to be spent scrubbing and reconciling disparate data. These risks could erode trust in AI algorithms and hinder the adoption of cutting-edge technologies.

We expect that AI and intelligent automation in health will likely lead to enhanced decision-making and new efficiencies. But as we travel down the road toward this future of health, stakeholders will likely reach the inevitable intersection of risk. Stakeholders that build an integrated cybersecurity approach might be better positioned to harness health data, digitally enhance the patient experience, and use risk as a competitive differentiator. Rather than just learning to manage risk, the most successful stakeholders will likely be those that can convert risk into opportunity.

 

Return to the Health Forward home page to discover more insights from our leaders.

Subscribe to the Health Forward blog via email

Get in touch

Amry Junaideen

Amry Junaideen

Managing Principal | Deloitte & Touche LLP

Amry is the managing principal of Life Sciences & Health Care for the Risk & Financial Advisory business for Deloitte & Touche LLP. Amry has over 26 years of diversified global experience in the private and public sector having served large multi-national and public sector clients on many risk management and information technology related initiatives. Amry has extensive international experience including in-country leadership roles in Australia and India. Amry has had numerous client and practice leadership roles, having worked on Pfizer, Amgen, Beyer Pharmaceutical, Genzyme Corporation, Astra Zeneca, the Centers for Medicare & Medicaid Services, and the Australian Regional Public Health System. He was also the National and Global Security & Privacy leader for life sciences. Amry’s specialties include risk management, systems integration, internal controls transformation, and talent management. Amry has a bachelor of science degree in accounting and also is a certified information systems security professional, certified in risk and information systems control, a certified information systems auditor, and a certified practicing accountant (Australia).