From August 2026, every hospital, clinic and GP practice using AI is a deployer under the EU AI Act — with legal duties for oversight, staff training and documentation. GovernedAI turns those obligations into working, auditable clinical protocols.
The EU AI Act is unambiguous: if your organisation uses AI — even informally — you are a deployer, and the duties are yours. The liability has shifted from the individual clinician to the organisation.
A clinician pasting patient information into a public AI tool means your organisation is processing special category data (GDPR Art. 9) with no lawful basis, no DPIA, and no audit trail. Intent is not a defence.
AI vendors update models without warning. A prompt that performed reliably in January may behave differently by June. The AI Act expects deployers to monitor operation — and you cannot monitor what you never validated.
Article 4 has required AI literacy training for staff using AI since February 2025. Most healthcare organisations hold no training records — and it is the first thing an authority will ask to see.
A prompt is not a protocol. Every entry in our governed library has passed a five-stage validation framework before it is approved for institutional use.
Fundamental rights impact assessments. A National AI Registry. Clinical risk review before deployment. Ireland’s national strategy has made governance the price of admission.
The HSE Implementation Framework and HIQA’s national guidance are still being written. Organisations that build the evidence trail now will meet them by default — not by scramble. And the EU-law layer already applies to every healthcare organisation, public or private.
Every governed protocol generates a version-controlled evidence trail — usable in governance reports, board packs and regulator conversations, mapped to the EU AI Act, GDPR and Ireland’s AI for Care requirements. Not a badge. Documentation that stands up to questioning.
Start with the training your organisation already legally owes its staff — or take the full readiness kit. Early Irish organisations receive founding pricing in exchange for a named reference.
A structured 45-minute session that maps your AI exposure across GDPR special category data risks, Article 4 training gaps, human-oversight blind spots and model drift. You receive a written report. No obligation.
Start with our 12-question self-assessment — 3 minutes, instant results — then request your full written audit session.
For managers, DPOs and compliance leads at healthcare organisations. Response within 48 hours.
Practical guidance on the EU AI Act, GDPR and HIQA / HSE developments — for the people running Irish and European healthcare organisations.