
Artificial intelligence is continuing its march into most facets of our lives, and the healthcare sector is no exception. Here, the technology is being leveraged in areas like diagnostics, patient monitoring, drug discovery, personalized medicine, administrative automation, and more.
Today, this market is already estimated at $40 billion, and projected to grow up to $500 billion by 2032, with hundreds of millions of operational AI agents.
However, while AI’s promise of unprecedented efficiency and innovation is alluring, such rapid proliferation raises a number of serious concerns, namely around protecting patients’ privacy and sensitive health data. How can a system that comprises countless semi-autonomous AI systems with potentially unclear directives guarantee that people’s personal information won’t be misused – even by accident?
One promising approach is self-sovereign identity (SSI) – a blockchain-based solution that empowers patients to control their data with precision and security.
AI Agents in Healthcare
Even at contemporary levels of development, AI can significantly increase the efficiency of operational workflows and convenience in healthcare. For example, an AI agent can assist a patient in preparing for an appointment by sending reminders, collecting necessary forms, or providing custom pre-visit instructions.
Simultaneously, other highly specialized AI agents might review claims for medical necessity, coordinate payments with insurers, or even assist physicians in analyzing diagnostic data. By unifying the entire healthcare ecosystem, AI can help create a seamless, coordinated framework that maximizes efficiency in every task.
However, such an interconnected system could end up creating a complex, opaque web of data intersections that involve third-party APIs, cloud-based systems, and unclear governance structures. At the same time, each agent requires access to sensitive patient data to effectively fulfil its tasks, which in turn risks exposing personal health information to unknown actors, leaving patients vulnerable to privacy breaches and misuse of their data.
The issue is especially pressing, with healthcare agencies proving attractive targets for hackers, as evidenced by recent attacks in the U.K. and France, where a combination of personal and medical information was exposed. Furthermore, many AI agents’ functionality and operations could lack sufficient transparency, making it nearly impossible to know who – or what – can get access to patients’ information. Without a major shift in how healthcare data is managed, millions of people globally risk losing control over one of the most private parts of their lives.
Self-Sovereign Identity: Privacy-First Solution
A workable solution may already exist. Built on decentralized blockchain technology, SSI can ensure that sensitive data is shared only with explicit consent from its owner, giving people full, permanent control over their private information.
This is facilitated by combining blockchain’s security with advanced cryptographic techniques, resulting in a robust framework that protects patient data in an AI-driven healthcare ecosystem.
At the core of SSI systems are ‘decentralized identifiers’ (DIDs), ensuring that only rightful owners can access or share their associated data. In contrast with transferable, public primitives such as NFTs, or immutable attestations, these data structures can’t be exchanged, sold or traded, preserving their integrity as a secure identifier.
Meanwhile, sensitive data is stored off-chain in a private digital wallet alongside its corresponding DID, packaged as verified credentials (VCs) that are cryptographically signed files to ensure authenticity. By storing data off-chain, SSI minimizes the risk of exposure on a public blockchain while keeping it under patients’ control.
An extra layer of privacy is also facilitated by leveraging ‘zero-knowledge proofs’ (ZKPs) – cryptographic protocols that allow patients to validate specific information without revealing unnecessary details. For example, a ZKP could confirm to an MRI provider that a patient’s condition qualifies for a covered scan without disclosing the specific diagnosis. This way, AI agents and third parties are able to access only the minimum data required for their task, which allows for granular access control and protects sensitive details like mental health records or chronic conditions.
Combined, these solutions ensure that AI agents can access only the exact data they need for the current task, reducing the risk of overexposure. This approach also grants patients transparency and control, allowing them to monitor who accesses their data, and freely revoke permissions at any time.
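The MRI scenario above can be approximated with salted-hash selective disclosure over a signed credential, which is a simpler technique than a true zero-knowledge proof. This is an added example, not code from the article or from any SSI project; the DID, the claim names and values, and the choice of Node.js with Ed25519 are all assumptions made for illustration.

```javascript
// Added example: salted-hash selective disclosure (not a true ZKP).
const crypto = require('node:crypto');

const sha256 = (s) => crypto.createHash('sha256').update(s).digest('hex');
// Commitment to one claim: hash over salt, name and value.
const commit = (salt, name, value) => sha256(JSON.stringify([salt, name, value]));

// Issuer (e.g. a clinic): salts every claim and signs only the digests.
function issueCredential(subjectDid, claims, issuerPrivateKey) {
  const disclosures = Object.entries(claims).map(([name, value]) => ({
    salt: crypto.randomBytes(16).toString('hex'), name, value }));
  const payload = JSON.stringify({
    sub: subjectDid,
    digests: disclosures.map((d) => commit(d.salt, d.name, d.value)).sort(),
  });
  const signature = crypto.sign(null, Buffer.from(payload), issuerPrivateKey)
    .toString('base64');
  return { payload, signature, disclosures }; // disclosures stay in the wallet
}

// Holder (patient wallet): reveal only the named claims.
function present(credential, names) {
  return {
    payload: credential.payload,
    signature: credential.signature,
    disclosed: credential.disclosures.filter((d) => names.includes(d.name)),
  };
}

// Verifier (e.g. an MRI provider's agent): check the issuer signature,
// then check that each disclosed claim matches a signed digest.
function verifyPresentation(p, issuerPublicKey) {
  const ok = crypto.verify(null, Buffer.from(p.payload), issuerPublicKey,
    Buffer.from(p.signature, 'base64'));
  if (!ok) return null;
  const { sub, digests } = JSON.parse(p.payload);
  const claims = {};
  for (const d of p.disclosed) {
    if (!digests.includes(commit(d.salt, d.name, d.value))) return null;
    claims[d.name] = d.value;
  }
  return { sub, claims };
}

// Constructed sample data: hypothetical DID, claim names and values.
const issuerKeys = crypto.generateKeyPairSync('ed25519');
const credential = issueCredential('did:example:patient123',
  { diagnosis: 'constructed-diagnosis', mri_covered: true }, issuerKeys.privateKey);
const presentation = present(credential, ['mri_covered']);
const result = verifyPresentation(presentation, issuerKeys.publicKey);
```

Unlike a zero-knowledge proof, this presentation reuses the same issuer signature each time, so two verifiers could link it to the same credential, and the verifier also learns how many claims the credential holds.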
Beyond privacy protection, SSI-based frameworks also have the potential to reduce reliance on centralized databases, which are prime targets for cyberattacks. They can also streamline data sharing, thereby enabling faster, more secure interactions between patients, providers, insurers, and AI agents.
Patients Must Come First
As it stands, there is no slowing down the rise and proliferation of AI agents in healthcare. While their potential to improve efficiency and convenience is undeniable, the sector needs to ensure that robust privacy protections are in place to retain people’s trust and safety.
In this light, SSI’s forward-thinking approach offers a solution to empower patients, protect their data, and ensure that AI agents always operate within a secure, transparent framework.
The future of healthcare is digital, interconnected, and AI-driven, but it must also be private, secure, and patient-centric. With self-sovereign identity, this vision can become a reality.
About Evin McMullen
Evin McMullen is the CEO and Co-founder of Billions Network, the first universal human and AI network. Billions is pioneering a mobile-first identity layer that verifies both humans and AI agents—proving uniqueness, KYC/AML status, location, age, or even machine reputation, while preserving privacy. It replaces centralized, manual checks with a decentralized network of onchain, enterprise, and government reputation providers, creating the trust foundation for the AI era.
Her previous work includes early blockchain development for retail and enterprise, and hardware and experience design for autonomous automotive, beauty, healthcare & connected home. Evin has contributed as a leader in data standards and onchain identity, spearheading some of the first initiatives using onchain reputation technology with global-scale brand events, festivals and connected media.
Evin previously served as CEO and founder of verifiable data platform Disco.xyz, and as a Director at Berkshire Hathaway and ConsenSys. She is a cofounder of DAO Jones and inkDAO, and an advisor to Boys Club. She is a graduate of Yale University.