Publication

Abstract :

Protecting the personal health information of every individual is an absolute requirement when training LLMs (Large Language Model) within the healthcare arena. In this paper, we trained the BioGPT (biomedical-specific generative language model) on a large set (MedQuAD) of medical questions and answers. Our means of ensuring the protection of the data has included the use of Differential Privacy via the use of DP-SGD, where we implemented per-sample gradient clipping, along with well-calibrated random Gaussian noise generated over the duration of our training process. As a result, these models protect patient privacy while retaining almost all of their performance on downstream healthcare applications as compared to non-private models and have a significantly decreased risk of Membership Inference Attacks, memorization of training data, and prompt-based leakage of patient data. Additionally, a series of comprehensive experiments to validate the privacy vs utility trade-off has allowed us to quantify the highest level of privacy (in correlation to HIPAA Compliance) we can provide, while maintaining clinically acceptable accuracy rates. Our research provides a scalable, reproducible, and easy-to-deploy training pipeline for creating generative medical LLMs that protect patient privacy, and is an excellent framework for developing trust-able language models for use in real-life applications of healthcare.