STÓR

Towards the Development of a Data Security Risk Management Framework for Medical Device Software AI Models

Jayaneththi, Buddhika and Regan, Gilbert and Fergal, McCafery (2024) Towards the Development of a Data Security Risk Management Framework for Medical Device Software AI Models. In: EuroSPI 2024, 4-6 September, Munich, Germany.

[thumbnail of Towards the Development of a Data Security Risk Management framework for Medical Device Software AI Models.pdf] PDF - Published Version
Download (253kB)

Abstract

Data is considered the ‘backbone’ of the development of Artificial Intelligence (AI) models, including medical device software (MDS) AI models that process sensitive health data. Therefore, implementing necessary measures to assure data security is a key requirement that should be considered when developing MDS AI models. Developers face several challenges when assuring data security during the development of MDS AI models and the lack of guidance, i.e., a risk management standard or framework on managing the risks to sensitive health data is one of the major challenges they face. Moreover, the existing risk management standards and frameworks have several gaps and implementation challenges including: the lack of comprehensive threat and vulnerability lists; lack of a structured method for risk calculation or estimation; lack of a list of risk controls and risk control implementation details; and the need to refer to other standards and documentation for further information. Furthermore, current regulations and standards on AI model development recommend implementing a risk management process throughout the lifecycle of the AI model as a key requirement that should be employed for assuring data security. This paper presents the reasons behind the need for the development of a new developer friendly data security risk management framework that can be implemented by developers to assure data security when developing the MDS AI models. Additionally, this paper presents the elements that such a framework should contain. Ultimately, the framework should assist with improving the trustworthiness of AI and its adoption within the MDS industry and society.

Item Type: Conference or Workshop Item (Paper)
Subjects: Computer Science
Computer Science > Computer Software
Research Centres: Regulated Software Research Centre
Depositing User: BuddhikaGayashani Jayaneththi
Date Deposited: 13 Nov 2025 11:31
Last Modified: 13 Nov 2025 11:31
URI: https://eprints.dkit.ie/id/eprint/956

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

EPrints Logo
STÓR is powered by EPrints 3.4 which is developed by the School of Electronics and Computer Science at the University of Southampton. About EPrints | Accessibility