Artificial intelligence in health care: data protection concerns in Malaysia

Abstract

Abstract • The application of artificial intelligence (AI) has transformed the existing notion of the health care system. The concept of AI is not new, but increasing computational power and big data, the Internet of Things, and advanced analytical power ushers in new opportunities to realize the full potential of AI. Recently, there has been an increased application of AI in the health care system, potentially raising questions about patient safety, privacy, security, and confidentiality, specifically data protection. • The present study focuses on the effectiveness of the Malaysian data protection law in addressing the issue of health data protection in the wake of proliferated use of AI in the health care system. The Malaysian Personal Data Protection Act (PDPA) has to face challenges in applying AI because the data processing mechanism of AI has fundamentally challenged the adequacy and sustainability of present data protection principles and associated rights of individuals. • However, as nearly a decade-old law, the current PDPA requires some amendments to its provisions, for instance, the introduction of the mandatory requirement of data protection impact assessment and privacy by design for high-risk data (ie health data) processing and human involvement in automated decision-making process among others. Besides, ensuring more accountability and transparency on the part of the data users by introducing a comprehensive code of practice about the processing of health data would help data users comply with data protection legislation.