Regulator examines if medical scans were used without patient consent
Australia's privacy regulator has launched an investigation into I-MED Radiology Network, the country's largest medical imaging provider, over allegations that it used private medical data to train artificial intelligence (AI) without patient consent.
The investigation follows reports that I-MED shared patient chest x-rays with health technology company Harrison.ai to train AI systems, without informing patients. According to a leaked email obtained by Crikey.com.au, Harrison.ai distanced itself from the issue, stating that questions of patient consent and privacy were "not matters for Harrison to respond to."
In a statement, Harrison.ai said the data used did not contain personal information and that the company complied with its legal obligations.
The Office of the Australian Information Commissioner (OAIC) announced it is making inquiries to ensure I-MED is meeting its obligations under Australian privacy law.
"The OAIC is making preliminary inquiries with I-MED Radiology Network to ensure it is meeting its obligations under the Australian privacy principles," a spokesperson said.
Under Australian law, personal information can be disclosed for its intended purpose or a secondary purpose that would be reasonably expected.
However, due to the unique risks associated with AI, the spokesperson noted that it may be difficult to establish that such secondary use aligns with reasonable expectations.
