Logo and page links

Main menu

Helse Bergen, exit report: The use of artificial intelligence (AI) in the follow-up of vulnerable patients

Objective of the sandbox process

Helse Bergen entered the sandbox with an AI tool that was practically ready to go into operation. At that time, a thorough assessment of the legal requirements for the development and use of the tool had already been performed.

The objective of the project’s participation in the sandbox was to:

  • Clarify Helse Bergen’s opportunities for utilising AI, where doing so is lawful and responsible.
  • Shorten the path from idea to the implementation of AI in other areas of Helse Bergen in particular and the health sector in general.

In other words, the project may be beneficial and have transferable value for other projects undertaken by Helse Bergen and other health trusts, as well as other public sector entities.

The aim of the regulatory sandbox is to find good, privacy-friendly solutions for the development and use of AI. In this project, we have discussed the legality of using confidential health data for the development of algorithms, and the extent to which it is permitted to use such tools in the provision of clinical care. Furthermore, the rights of patients have taken up a large part of the agenda. In this respect, discussions have especially focused on how the right of access and the right to be forgotten may be safeguarded in practice, as well as what information about the algorithm the patient must be given in order to aid in the provision of medical assistance.

These discussions are grouped and summarised in the exit report under three main topics, which are described below. The three main topics are:

  1. Is the development and use of AI in the provision of medical care legal?
  2. How should information be tailored to the patients?
  3. How can we ensure that the algorithm provides a fair result?

In Part 2, we will discuss issues linked to transparency and how the algorithm's results must be explained.

In the final part, we present an assessment of Helse Bergen's approach to the requirement that such a model must be fair, and how the requirements for the system to have built-in data protection may help achieve this.