Artificial intelligence in healthcare. Applications, risks, and ethical and societal impacts
El parlament europeu va encarregar un informe sobre la intel·ligència artificial a l'assistència sanitària i abans de vacances ha publicat el resultat. En realitat veig que és un informe sobre el risc que representa i que es pot fer per regular-lo.
Les idees que proposa no són pas noves. I tinc la impressió que el més important hauria de ser disposar d'una regulació general. En aquest sentit la proposta de 2021 es troba pendent de no sé ben bé què.
In 2021, the European Commission (EC) published a long-awaited proposal for AI regulation and for harmonising the rules that govern AI technologies across Europe, in a manner that addresses safety as well as human rights concerns (European Commission, 2021). In a similar fashion to the 2018 proposal of the German Data Ethics Commission, the draft EU framework provided a definition of AI that is risk-based, together with mandatory requirements for high-risk AI systems. Concretely, the document recommended to classify AI tools according to three main levels of risk: (i) unacceptable risk, (ii) high risk, and (iii) low or minimal risk.
I pel que fa a alt risc, els requeriments serien aquests:
• Use high-quality training, validation and testing data (relevant, representative).
• Draw up technical documentation & set up logging capabilities (traceability & auditability).
• Ensure appropriate degree of transparency and provide users with information on
capabilities and limitations of the system & how to use it.
• Ensure human oversight (measures built into the system and/or to be implemented by
users).
• Ensure robustness, accuracy and cybersecurity.
Obligations:
• Establish and implement quality management system in its organisation.
• Draw-up and keep up to date technical documentation.
• Undergo conformity assessment and potentially reassessment of the system (in case of
substantial modification).
• Register AI system in EU database.
• Affix CE marking and sign declaration of conformity.
• Conduct post-market monitoring.
• Collaborate with market surveillance authorities.
• Inform the provider or distributor about any serious incident or any malfunctioning.
• Continue to apply existing legal obligations (e.g. under GDPR).
Quin és el problema sense entrar en detalls del document? Doncs que s'hauria de complir la regulació de Medical Devices vigent, que obliga a aprovar software as a medical device i que s'incompleix generalitzadament. I que quan més tardin en aprovar la regulació general d'intel·ligència artificial més desfasada estarà. Crec que ja fan tard.
Bo Bartlett
