Cautious optimism on foundation models in medical imaging balancing privacy and innovation
https://www.nature.com/articles/s41746-026-02533-5
Publish Date: 2026-03-15 09:12:00
Source Domain: www.nature.com
To address the privacy challenges posed by FMs more precisely, an enhanced three-pronged strategy is proposed. First, technical safeguards must directly mitigate privacy leakage during large-scale training, including FM-tailored differential privacy mechanisms and federated pretraining frameworks adapted for heterogeneous data sources. Second, participatory governance must be implemented across institutional and national borders, with standardized privacy audits and transparent risk reporting. Third, regulatory frameworks such as the GDPR and EU AI Act must evolve to explicitly account for FM-specific threats. For instance, the EU AI Act [9] already places obligations on providers of general-purpose AI models (Articles 53–55), including public disclosure of training data summaries, technical documentation, and risk mitigation for systemic models, while GDPR [10] principles like data minimization, pseudonymization, and limitations on automated decision-making apply when personal data is involved. That evolution includes introducing new definitions for latent biometric risks, mandating training data provenance declarations, and enforcing conformity assessments for high-risk AI systems in healthcare. These targeted interventions offer a pragmatic path forward to unlock innovation while maintaining trust in AI-driven medical imaging.
Technically, methods like feature disentanglement may be used to separate useful clinical patterns from identifying details [11]. Collaborative frameworks such as federated learning further reduce privacy-breach risks by keeping data decentralized [12]. Synthetic data generation, combined with strong privacy guarantees, can further protect individual identities without sacrificing research utility, possibly even augmenting the potential of such models [8,9,10].
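To make the decentralization point concrete, the following added example (not code from the article or its authors) runs federated averaging over three constructed, heterogeneous sites, where only a clipped weight delta leaves each site and the server adds Gaussian noise, the mechanism used in DP-FedAvg. The linear model, site sizes, clipping norm and noise multiplier are assumptions chosen for illustration and are not calibrated to any privacy budget.

```python
import math
import random

def local_update(weights, records, lr=0.1, epochs=5):
    """Gradient descent on one site's private records; only the weight delta is returned."""
    w = list(weights)
    for _ in range(epochs):
        grad = [0.0] * len(w)
        for x, y in records:
            err = sum(wi * xi for wi, xi in zip(w, x)) - y
            for i, xi in enumerate(x):
                grad[i] += err * xi / len(records)
        w = [wi - lr * gi for wi, gi in zip(w, grad)]
    return [wi - w0 for wi, w0 in zip(w, weights)]

def clip(delta, max_norm):
    """Scale the update so its L2 norm is at most max_norm, bounding one site's influence."""
    norm = math.sqrt(sum(d * d for d in delta))
    scale = min(1.0, max_norm / norm) if norm > 0 else 1.0
    return [d * scale for d in delta]

def federated_round(weights, sites, max_norm, noise_multiplier, rng):
    """Each site sends a clipped delta; the server averages them and adds Gaussian noise."""
    deltas = [clip(local_update(weights, recs), max_norm) for recs in sites]
    sigma = noise_multiplier * max_norm / len(sites)
    avg = [sum(col) / len(sites) + rng.gauss(0.0, sigma) for col in zip(*deltas)]
    return [w + a for w, a in zip(weights, avg)]

def make_site(rng, n, shift):
    """Constructed data: y = 2*x1 - x2 + noise; shift mimics a site-specific scanner offset."""
    recs = []
    for _ in range(n):
        x = [rng.gauss(shift, 1.0), rng.gauss(0.0, 1.0)]
        recs.append((x, 2.0 * x[0] - 1.0 * x[1] + rng.gauss(0.0, 0.05)))
    return recs

def train(rounds=60, max_norm=0.5, noise_multiplier=0.05, seed=7):
    # Illustrative settings (assumptions): three sites of unequal size and distribution.
    rng = random.Random(seed)
    sites = [make_site(rng, n, s) for n, s in [(40, 0.0), (15, 0.5), (80, -0.5)]]
    w = [0.0, 0.0]
    for _ in range(rounds):
        w = federated_round(w, sites, max_norm, noise_multiplier, rng)
    return w

if __name__ == "__main__":
    print(train())
```

The server in this sketch never sees a record, only bounded and perturbed deltas; a real deployment would additionally track the cumulative privacy loss across rounds.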
From a policy standpoint, legislation such as HIPAA may need revision to address AI-specific risks (https://aspe.hhs.gov/reports/health-insurance-portability-accountability-act-1996). The European…