For the moment, Amazon’s Alexa is not HIPAA compliant. This reduces its utility to those in the healthcare field. This is surely only temporary and a HIPAA compliant version may be on its way.
Amazon’s cloud platform, Amazon Web Services (AWS), can be used in compliance with HIPAA, and Amazon are said to be interested in integrating their voice recognition technology into the health sector. Before Alexa can be introduced into this ecosystem, Amazon will have to add measures to make it HIPAA compliant.
There are a number of obvious possible uses for Alexa in healthcare: from transcribing physicians’ notes; to acting as a virtual office assistant; to remotely monitoring patients. Already present in 30 million homes in America, Alexa could help patients to take more responsibility for their healthcare
Trials underway
Trials of Alexa for use in healthcare are already underway. An Alexa skill has been created by WebMD to allow people to access their content from household Alexa devices. A pilot scheme using simulated data to evaluate how Alexa could perform in an inpatient setting was carried out by Beth Israel Deaconess Medical Center (BIDMC). It generated very positive results. BIDMC intend to integrate Alexa into the clinical setting once the necessary protections have been introduced and they can obtain a business associate agreement (BAA) from Amazon.
Another pilot was run by Boston’s Children’s Hospital (BCH) to test how Alexa could help provide information to clinical staff, though this was conducted with non-identifiable health information as no BAA was in place. BCH have also created an Alexa skill, KidsMD, for use by parents who want to find out information related to medical conditions and basic health advice.
The Alexa Diabetes Challenge
Pharmaceutic giant Merck launched the Alexa Diabetes challenge in April 2017 to encourage people to find ways that Alexa could be used to benefit the almost 30 million Americans living with type 2 diabetes.
While lifestyle changes and treatments to manage the disease can help people enjoy long, healthy lives, self-management of diabetes can be a struggle – particular for those who are new to the routine required to deal with it. Amazon reached out and asked for ideas on how Alexa’s voice recognition technology could be used to benefit sufferers.
In September 2017, Oxana Pickeral, AWS’s Global Segment Leader for Healthcare and Life Sciences, recognized that HIPAA was a barrier to Alexa’s widespread adoption in the healthcare market. However, she is confident of its potential, saying “while Alexa and Lex are not HIPAA-eligible, this [the Diabetes Challenge] has provided us an opportunity to envision what is possible”. HIPAA compliance for Alexa is currently being explored by Amazon.
The Next Steps
Although a number of elements are already in place from the push to make AWS HIPAA compliant, Alexa and its underlying Lex platform do not yet include the necessary data protections to comply with the HIPAA Security Rule. For now, it cannot be used with PHI in any capacity by HIPAA covered entities.
It seems like it will only be a matter of time before Amazon releases a HIPAA compliant version of Alexa, but without the sufficient features to meet HIPAA rules, Alexa is not currently eligible to be used with any identifiable health information.