Agencies release guidance on AI data security 

May 28, 2025 - 04:02 PM
An abstract image of cybersecurity graphics.

The National Security Agency, Cybersecurity and Infrastructure Security Agency and international partners May 22 released guidance on securing data used for artificial intelligence and machine learning systems. The guidance outlines potential risks from data integrity issues in various stages of AI development and usage, and it provides best practices to secure AI-based system data. Additionally, the guidance examines three significant areas of data security risks in AI systems — the data supply chain, maliciously modified or “poisoned” data and data drift.  

“This crucial reference guide, compiled by the world’s leading government AI experts, is a must-read for health care leaders involved in the governance, development or deployment of AI systems in their organizations,” said John Riggi, AHA national advisor for cybersecurity and risk. “The guide discusses specific methodologies to help ensure data security and integrity throughout the AI system lifecycle. These include starting with sourcing reliable data sets and employing immutability and encryption tools, along with digital signatures, to validate and record any trusted changes to AI systems and data.” 
 
For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.

Related News Articles

Headline
AHA urges smarter AI regulation for advancing innovation, safety and access to health care
The AHA today submitted a letter to the Office of Science and Technology Policy in response to its request for information on regulatory reform for artificial…
Headline
2025 Cybersecurity Year in Review, Part Two: Mitigating Third-Party Risk, Ensuring Clinical Continuity and Addressing AI Risk
In part two of a recent blog, AHA National Advisor for Cybersecurity and Risk John Riggi and AHA Deputy National Advisor for Cybersecurity and Risk Scott Gee…
Headline
AHA shares concerns, recommendations with CMS on WISeR model
The AHA Oct. 23 recommended changes to the Centers for Medicare & Medicaid Services’ Wasteful and Inappropriate Services Reduction model to address…
AHA Cyber Intel
2025 Cybersecurity Year in Review, Part Two: Mitigating Third-Party Risk, Ensuring Clinical Continuity and Addressing AI Risk
In part one of this blog, we reviewed the number of cyberattacks the health care field endured this year compared to last; provided an overview of the lessons…
Headline
Reminder: Comments due to OSTP Oct. 27 on regulations hindering AI development
Comments are due Oct. 27 to the Office of Science and Technology Policy on federal regulations that hinder artificial intelligence development, deployment or…
Headline
CISA warns of vulnerability in F5 BIG-IP products
The Cybersecurity and Infrastructure Security Agency Oct. 15 released an emergency directive advising federal agencies to take stock of their F5 BIG-IP…