Concept paper · Spring 2026

Regulatory & Compliance Intelligence (RCI) in Pharma/MedTech

Development of a conceptual, AI-supported pre-screening and documentation approach for AI use cases as part of a study assignment at Karolinska Institutet (no implementation or regulatory approval).

Short version

RCI accelerates compliance triage, but does not replace technical approval

The RCI concept addresses a recurring governance task in Pharma and MedTech: Every new AI project - such as chatbots, predictive models, workflow optimizers, automated marketing tools or customer-specific projects - must be checked against an overlapping regulatory environment. These include, in particular, the EU AI Act, data protection, medical device law, national advertising rules such as the HWG and internal standards. RCI is therefore not to be understood as an autonomous compliance judgment, but rather as a structured, AI-supported preliminary review: The system collects use case data, classifies the regulatory risk provisionally, retrieves relevant standards and guidelines and creates a verifiable draft compliance memo. The release remains with humans.[1,2,6,9]
Process visualization

Representation of the RCI triage process

Step-by-step visualization of the complete RCI workflow: use case entry, risk classification (traffic light logic), regulatory retrieval and human-in-the-loop approval.

View process →
Basic principle

From a manual questionnaire to a learning compliance workflow

Manual triage is slow, inconsistent and risky. Underclassification of critical cases may result in non-compliant applications and potential patient harm; Over-classification ties up scarce expert resources. RCI resolves this tension through uniform inputs, machine pre-evaluation and mandatory human review.

The core logic is risk-based: low-risk internal tools are passed through standardized controls more quickly; HCP or patient-related applications, medical intended use, personal data or complex vendor constellations trigger in-depth examination. This makes RCI a control instrument for innovation under compliance conditions.[3,4]

Risks, automation bias & validation

System risks, countermeasures and performance metrics

Systemic risks

  • Historical training data can encode institutional biases (departmental bias, jurisdictional gaps, recency bias)[10,11]
  • Subclassification of HIGH-risk cases: patient harm and liability risk
  • Overclassification: Wasting scarce compliance capacity
  • Hallucination risk with generative memo components without RAG guardrails[5,6]

Automation Bias & Countermeasures

HITL design does not automatically prevent automation bias - uncritical acceptance of confident AI outputs is a documented patient safety risk.[15,16,21]

  • All outputs marked as “DRAFT — PENDING REVIEW”.
  • Confidence values ​​and XAI explanations explicitly visible
  • Calibration training for reviewers mandatory
  • Falling override rate as an early warning signal for uncritical acceptance

Performance metrics

Primary Goal: HIGH-Class Recall — Misclassification as LOW/MEDIUM is more dangerous than overclassification.

  • Accuracy, Precision, Recall, Macro-F1; Brier score for calibration
  • Generative: Hallucination Rate & Citation Accuracy
  • Reporting according to TRIPOD+AI, CONSORT-AI, SPIRIT-AI[8]
  • Ongoing: Input Distribution Drift Monitoring (AI Act Art. 72)[18]
  • Pilot (conceptual estimation): memo creation from weeks to hours; approx. 60% LOW / 25% MEDIUM / 15% HIGH risk
Distribution of liability

Who is responsible?

The final compliance memo remains a professionally accountable human decision. The EU AI Act distinguishes between the roles and obligations of providers and operators or deployers; for RCI, this means that system boundaries, review decisions, escalations, source status and the audit trail must be documented. Specific liability questions must be assessed legally depending on the organization and the individual use case.[1,3,14,16]

↗ EU AI Act (Reg. EU 2024/1689) — full text on EUR-Lex
Bibliography

Sources

Basis: Lecture notes “AI in Healthcare, Foundation and Technical Methods” (Abtahi & Astaraki, Karolinska Institutet) as well as the following peer-reviewed publications. Metadata and DOIs checked against primary sources (as of April 29, 2026).

  1. European Commission, DG Health and Food Safety. Artificial intelligence in healthcare. health.ec.europa.eu. URL: health.ec.europa.eu/…/artificial-intelligence-healthcare_en. Retrieved April 29, 2026.
  2. European Commission. AI Act — Shaping Europe’s digital future. digital-strategy.ec.europa.eu. Updated January 27, 2026. URL: digital-strategy.ec.europa.eu/…/regulatory-framework-ai. Retrieved April 29, 2026.
  3. Aboy M, Minssen T, Vayena E. Navigating the EU AI Act: implications for regulated digital medical products. npj Digit Med. 2024;7:237. DOI: 10.1038/s41746-024-01232-3
  4. Sides T, Kbaier D. Bridging trust gaps: Stakeholder perspectives on AI adoption in the United Kingdom NHS primary care. Digital Health. 2025;11:1–11. DOI: 10.1177/20552076251386706
  5. Patel J, Tirmizi Z, Waheed AA, et al. Large language models in artificial intelligence to answer patient questions in spine surgery: an evaluation of current evidence. J Neurosurg Sci. 2026 Apr 1. PMID: 41920160. DOI: 10.23736/S0390-5616.26.06678-6
  6. Yang R, et al. Retrieval-augmented generation for generative artificial intelligence in health care. npj Health Syst. 2025;2:2. DOI: 10.1038/s44401-024-00004-1
  7. Niazi SK. Regulatory Perspectives for AI/ML Implementation in Pharmaceutical GMP Environments. Pharmaceuticals. 2025;18:901. DOI: 10.3390/ph18060901
  8. Welch ML, Grant B, Deutschman C, McElcheran C, et al. A practical framework for operationalizing responsible and equitable artificial intelligence in health care: tackling bias, inequity, and implementation challenges. Lancet DigitHealth. 2026. DOI: 10.1016/j.landig.2025.100957
  9. Wells BJ, et al. A practical framework for appropriate implementation and review of artificial intelligence (FAIR-AI) in healthcare. npj Digit Med. 2025;8:514. DOI: 10.1038/s41746-025-01900-y
  10. Yang Y, Lin M, Zhao H, Peng Y, Huang F, Lu Z. A survey of recent methods for addressing AI fairness and bias in biomedicine. J Biomed Inform. 2024;154:104646. DOI: 10.1016/j.jbi.2024.104646
  11. Uddin S, et al. Gender-based data bias and model fairness evaluation in benchmarked open-access disease prediction datasets. Comput Biol Med. 2026;203:111503. DOI: 10.1016/j.compbiomed.2026.111503
  12. Vieira C, et al. Exploring transparency: A comparative analysis of explainable artificial intelligence techniques in retinography images to support the diagnosis of glaucoma. Comput Biol Med. 2025;185:109556. DOI: 10.1016/j.compbiomed.2024.109556
  13. Mingels S, Piehl H, Therrien M, Akhmad E, et al. Understanding Clinicians' Informational Needs for AI-Driven Clinical Decision Support Systems: Qualitative Interview Study. JMIR Med Educ. 2026;12:e85228. DOI: 10.2196/85228
  14. Olawade DB, et al. Human in the loop artificial intelligence in healthcare: applications, outcomes, and implementation challenges. Int J Med Inform. 2026;213:106362. DOI: 10.1016/j.ijmedinf.2026.106362
  15. Brunyé TT, et al. Artificial intelligence and computer-aided diagnosis in diagnostic decisions: 5 questions for medical informatics and human-computer interface research. J Am Med Inform Assoc (JAMIA). 2026;33:543–550. DOI: 10.1093/jamia/ocaf123
  16. Chau MT, Spuur KM, White S, et al. Malpractice in the machine age: Legal and ethical responses to machine learning in medical imaging. Radiography. 2026;32:103339. DOI: 10.1016/j.radi.2026.103339
  17. van Kolfschooten H, Goosen S, van Oirschot J, Schouten B, et al. Legal, ethical, and policy challenges of artificial intelligence translation tools in healthcare. Discov Public Health. 2025;22:904. DOI: 10.1186/s12982-025-01277-z
  18. Palama V, Kadiri C, Babarinde AO, Nwanze J, et al. Auditing and Monitoring Artificial Intelligence Systems in Healthcare: A Multilayer Framework for Bias Detection, Explainability, and Regulatory Compliance. Cureus. 2026;18:e104547. DOI: 10.7759/cureus.104547
  19. Allgaier J, et al. How does the model make predictions? A systematic literature review on the explainability power of machine learning in healthcare. Artif Intell Med. 2023;143:102616. DOI: 10.1016/j.artmed.2023.102616
  20. Hur S, et al. Comparison of SHAP and clinician friendly explanations reveals effects on clinical decision behavior. npj Digit Med. 2025;8:578. DOI: 10.1038/s41746-025-01958-8
  21. Goddard K, Roudsari A, Wyatt JC. Automation bias: a systematic review of frequency, effect mediators, and mitigators. J Am Med Inform Assoc (JAMIA). 2012;19(1):121–127. DOI: 10.1136/amiajnl-2011-000089
← Home