Preserving privacy in domain transfer of medical AI models comes at no performance costs: The integral role of differential privacy

by   Soroosh Tayebi Arasteh, et al.

Developing robust and effective artificial intelligence (AI) models in medicine requires access to large amounts of patient data. The use of AI models solely trained on large multi-institutional datasets can help with this, yet the imperative to ensure data privacy remains, particularly as membership inference risks breaching patient confidentiality. As a proposed remedy, we advocate for the integration of differential privacy (DP). We specifically investigate the performance of models trained with DP as compared to models trained without DP on data from institutions that the model had not seen during its training (i.e., external validation) - the situation that is reflective of the clinical use of AI models. By leveraging more than 590,000 chest radiographs from five institutions, we evaluated the efficacy of DP-enhanced domain transfer (DP-DT) in diagnosing cardiomegaly, pleural effusion, pneumonia, atelectasis, and in identifying healthy subjects. We juxtaposed DP-DT with non-DP-DT and examined diagnostic accuracy and demographic fairness using the area under the receiver operating characteristic curve (AUC) as the main metric, as well as accuracy, sensitivity, and specificity. Our results show that DP-DT, even with exceptionally high privacy levels (epsilon around 1), performs comparably to non-DP-DT (P>0.119 across all domains). Furthermore, DP-DT led to marginal AUC differences - less than 1 subgroups, relative to non-DP-DT. Despite consistent evidence suggesting that DP models induce significant performance degradation for on-domain applications, we show that off-domain performance is almost not affected. Therefore, we ardently advocate for the adoption of DP in training diagnostic medical AI models, given its minimal impact on performance.


page 5

page 7

page 9

page 11

page 22

page 23

page 24

page 26


Private, fair and accurate: Training large-scale, privacy-preserving AI models in radiology

Artificial intelligence (AI) models are increasingly used in the medical...

Local Differential Privacy Image Generation Using Flow-based Deep Generative Models

Diagnostic radiologists need artificial intelligence (AI) for medical im...

Balancing Privacy and Progress in Artificial Intelligence: Anonymization in Histopathology for Biomedical Research and Education

The advancement of biomedical research heavily relies on access to large...

Bounding Membership Inference

Differential Privacy (DP) is the de facto standard for reasoning about t...

ViP: A Differentially Private Foundation Model for Computer Vision

Artificial intelligence (AI) has seen a tremendous surge in capabilities...

Robust and generalizable embryo selection based on artificial intelligence and time-lapse image sequences

Assessing and selecting the most viable embryos for transfer is an essen...

The Impact of De-Identification on Single-Year-of-Age Counts in the U.S. Census

In 2020, the U.S. Census Bureau transitioned from data swapping to diffe...

Please sign up or login with your details

Forgot password? Click here to reset