06.04 2023

KPMG: artificial intelligence cannot replace a doctor

Mihkel Kukk, Head of Cyber Security Services at KPMG, says that artificial intelligence cannot replace doctors in healthcare, but it can make their job much easier and faster. At the same time, low IT budgets and the resulting deficiencies and inadequate cyber security posture are cause for concern in healthcare.

Kukk admits that there are many tasks that a computer can perform better than a human can and that could be entrusted to artificial intelligence. “Very large volumes of data can be processed or analysed many times faster by a computer than by a doctor,” he said. Thus, with the support of AI, doctors could make significantly better treatment decisions and make them much faster than before.

The amount and quality of data are growing at a staggering pace, but to be able to use the data smartly, it is necessary to invest in both software and hardware. However, the systemic underfunding of healthcare in Estonia hampers progress. “Indeed, it is often the case that we complete a development project for an application such as the Patient Portal, for example, but there is no money planned for the subsequent maintenance and security of the application or system,” Kukk said.

Systemic underfunding also makes healthcare institutions vulnerable to cyber security threats. “At some point, the integrity of the data may be compromised, which could result in a patient being accidentally administered a lethal dose of medication if, say, a nurse fails to double-check it,” Kukk said. Inadequate cyber security measures can also lead to the leakage of sensitive personal health data. “The integrity, availability and confidentiality of health data are all equally important and must be equally well protected.”

Due to an acute shortage of money in Estonia’s healthcare system, healthcare institutions are often forced to choose between hiring healthcare professionals and buying medical equipment or investing in IT solutions. “If doctors form the majority in the management team, the choice tends to be made in favour of the former, as people need to be treated in any case,” Kukk said. “As long as there is no change in the amount and allocation of funds, it is difficult to see how the situation can improve significantly.”

According to Kukk, the lack of money to maintain IT systems is a problem for the whole public sector in Estonia, not just healthcare. “Instead of large one-off investments, development should be continuous and comprehensive,” he added. “This means that if we are developing a large IT system, we must plan a certain amount of money for its maintenance in the next ten years so that we can upgrade and change it as and when necessary and ensure system security,” Kukk said. “What we are currently seeing, however, is that two or three million euros are invested in a development project, and then the system is expected to be up and running for the next ten years, but that is not the case, unfortunately.”


KPMG is a global network of firms providing audit, tax, legal and advisory services. KPMG member firms operate in 144 countries and territories and collectively employ more than 236,000 partners and people. In Estonia, KPMG has been operating since 1992 and currently employs more than 250 staff. Nearly 2,000 professionals work for KPMG Estonia’s partner firm KPMG Finland and almost 6,000 in KPMG member firms in other Nordic countries.

Bolstering Cyber Resilience with High-Quality Red Teaming

The escalating complexity and frequency of cyberattacks pose a critical risk to the stability of ..

KPMG recognized as a Leader in Cybersecurity Consulting Services in Europe

According to The Forrester Wave: Cybersecurity Consulting Services in Europe, Q1 2024.

We are exc..

State funding to improve the cyber security of companies

The joint organisation of Enterprise Estonia and KredEx, together with the State Information Syste..

The most cost-effective way to identify information security and cyber security vulnerabilities is through cyber maturity assessment

The most cost-effective way for companies and other organisations to identify their cyber security..

Information security can only be ensured at a high level of quality under the leadership of a competent Chief Information Security Officer

Why is information security important and what is its main purpose in the context of a company’s b..

Provide a safe and sustainable business environment for your company! We will help you build a resilient and reliable digital world, even in the face of changing threats.

KPMG Baltics OÜ

+372 626 8700
Ahtri 4, 10151 Tallinn, Estonia
KPMG Baltics KPMG Küberkaitse KPMG Global Privacy Policy
Oma veebilehel kasutame küpsiseid. Küpsised aitavad analüüsida veebiliiklust ning annavad meile statistilist teavet.
Email again:

HR assessment 

HR assessment focuses on mapping the skills and increasing the competencies of the weakest link in cyber security: the users, the employees.

Email again:

Threat assessment

Threat assessment is a tactical and technical service that allows a company to get a quick overview of external threats.

Email again:

Maturity assessment

Maturity assessment helps plan IT investments and design further steps to mitigate vulnerabilities and ensure better security.

Email again: