INTRODUCTION Contributed by: Sarah-Jane Dobson and Katrin Ruhl, Ashurst
Artificial intelligence (AI) and machine learning (ML) The EU’s new AI Act is the first-ever standalone governance of AI from a regulatory perpsective. However, the EU AI Liability Act was withdrawn in February 2025, as the member states were unable to agree on a sufficient common basis. In other jurisdictions, such as Switzerland, legisla- tors have not yet managed to develop a regula- tory framework, or have only a partially enacted relevant regulatory framework (eg, South Korea’s AI Act, and China’s regulations on AI-assisted diagnosis technology and Al-assisted treatment technology). Telehealth Despite the increased use of telehealth following the COVID-19 pandemic, some jurisdictions lack specific telemedicine legislation. They instead rely on general healthcare rules. Others, like the USA and India, have implemented specific tel- ehealth regulations. Overall, in dealing with the topic generally and in respect of the discrete issues that arise with digital healthcare, the regulatory framework for digital healthcare is seen as lagging behind tech- nological advancements, with gaps in regulation and enforcement. Existing liability laws, in par- ticular, may need to be amended to take into account the new types of products and services emerging in digital healthcare contexts. Usu- ally, marketing authorisations by US and ROW authorities provide for the safety and conformity of the product. However, considering the num- ber and variety of digital health technologies, no similar comprehensive regulatory framework has been developed yet, leading to regulatory gaps and uncertainties.
Regulatory Oversight The oversight of digital healthcare typically falls under the remit of the usual healthcare regula- tory agencies (such as the FDA in the USA, and the FAMHP in Belgium), being responsible for oversight and providing regulatory advice. In some cases, non-healthcare regulatory agen- cies may also be involved in digital healthcare oversight. For example, the Competition and Consumer Protection Commission (CCPC) in Ireland is responsible for consumer protection, including digital healthcare applications. The enforcement of laws and regulations in digital healthcare varies by jurisdiction and can range from educating infringing parties and issuing warning letters to pre-market assess- ments, routine monitoring and the imposition of penalties (even criminal penalties). Data protec- tion violations are particularly liable to stricter enforcement. The current regulatory frameworks are evolving but still face challenges in fully addressing the risks posed by digital technologies in health- care. For instance, in Australia, the Therapeutic Goods Administration (TGA) has made strides with recent amendments to the Medical Device Regulations, yet cybersecurity and data privacy remain critical issues needing further regula- tory attention. In the USA, while the FDA and other agencies have established guidelines and enforcement mechanisms, the rapid pace of technological advancement often outstrips regulatory updates. In Switzerland, the decen- tralised approach and lack of a coherent data management environment highlight the neces- sity for a more integrated and robust regulatory framework to effectively manage the complexi- ties of digital healthcare technologies. Proposed reforms in the USA, for example, may address
8
CHAMBERS.COM
Powered by FlippingBook