By AIRecht Editor

Utrecht, 23 September, 2021. AI in healthcare earns clinical trust most readily when its legal and ethical preconditions are designed in from the start. That was the message Mauritz Kop brought to the SmartHealth masterclass Kunstmatige intelligentie in de zorg, where he taught the legal and ethical frameworks module for healthcare professionals and innovators. The engagement extends a teaching line that began with the course on AI, data, privacy and innovation at Maasstad Hospital Rotterdam.

The masterclass, announced by Dutch digital-health platform SmartHealth, took place on September 23, 2021 at Van der Valk Hotel Houten. The faculty combined clinical, technical and legal perspectives on bringing artificial intelligence responsibly into care pathways — from procurement and validation to deployment at the bedside.

Teaching the legal and ethical preconditions of medical AI

Kop's module addressed the legal and ethical conditions an AI application in healthcare must satisfy: privacy and data-protection law governing patient data, intellectual property and data-sharing arrangements, liability questions, and the fundamental-rights dimension of algorithmic decision support. As SmartHealth noted in its announcement, Kop is a lawyer and managing partner at AIRecht who teaches courses and postgraduate education on intellectual property, technology, privacy and data legislation, and contributes to European AI policy as a member of the European AI Alliance and the Dutch AI Coalition — see the SmartHealth announcement.

The module's framing was deliberately practical. A diagnostic-support algorithm is never just a model: it is a processing operation under the GDPR, frequently a medical device under the EU Medical Device Regulation (MDR) or IVDR, a node in a liability chain that runs from developer through hospital to treating physician, and an intervention in the fundamental rights of the patient whose data trained it. Teaching healthcare innovators to read their product through each of those four lenses — before procurement, not after an incident — was the working method of the two days.

From principles to procurement language

Principles travel only when they become contract language and process. For a hospital buying a triage algorithm, "transparency" means a vendor obligation to disclose training-data provenance and known failure modes; "human oversight" means a defined escalation path with named roles; "accountability" means audit logs the hospital can actually read and a liability clause that survives the pilot phase. The module pressed the legal frameworks down to that level of concreteness — because that is the level at which a procurement officer, a privacy officer and a medical specialist can each do their part of the work.

An interdisciplinary faculty

Fellow faculty included practitioners building and validating medical AI in Dutch hospitals and startups, among them Willem Herter (Pacmed), Kicky van Leeuwen (Radboudumc), Diederik de Rave (Attendi) and Wim-Kees Janssen (Syntho) — grounding the legal module in the day-to-day reality of clinical AI development: intensive-care prediction models, radiology validation, speech recognition in care documentation, and synthetic data as a privacy-preserving alternative to raw patient records.

That pairing matters. Legal teaching about medical AI that never touches a confusion matrix stays abstract; technical teaching that never touches the GDPR's lawful-basis question ships unusable products. The masterclass put both in one room, which is precisely the interdisciplinary setting in which questions about AI and artificial intelligence in care deserve to be answered. AIRecht had argued for structured, ex-ante review of exactly this kind in its earlier Artificial Intelligence Impact Assessment, and explored the clinical-robotics dimension at the Legal Status of Robots and AI in Healthcare symposium at Academy Het Dorp.

From the 2020 policy moment to the adopted AI Act

The timing of the autumn 2020 edition was no accident. The European Commission had published its White Paper on Artificial Intelligence in February 2020, and the contours of a risk-based European AI regulation were taking shape — with healthcare AI widely expected to land in the high-risk tier. Teaching innovators in that window meant teaching them what was coming, not only what already applied.

The legal landscape has only grown denser since. The EU has since adopted the Artificial Intelligence Act (Regulation (EU) 2024/1689), whose obligations for high-risk systems — risk management, data governance, technical documentation, human oversight, conformity assessment — interlock with the MDR/IVDR regime that already governs much clinical AI. The masterclass's design-it-in-from-the-start message has become more current, not less: requirements that were policy signals in 2020 are binding law on a phased timetable today.

Where the MDR and the AI Act interlock

Clinical AI sits under both regimes at once — they are layers, not alternatives. Software with a medical purpose has long qualified as a medical device under the Medical Device Regulation (Regulation (EU) 2017/745), with classification, clinical evaluation and notified-body involvement to match. The AI Act adds a second layer on top: an AI system that is a safety component of such a device — or is itself such a device subject to third-party conformity assessment — is classified as high-risk, which brings the AI Act's own requirements on risk management, data and data governance, technical documentation, transparency and human oversight into play alongside the device rules. For developers, the practical consequence is one integrated compliance file rather than two parallel ones: training-data provenance, performance metrics and post-market surveillance evidence have to serve both regulators at once. That is exactly the design-stage thinking the 2020 module taught — only the paperwork has since acquired article numbers.

Why this matters for health-AI innovators

Healthcare is where the promise and the risk of artificial intelligence concentrate. Diagnostic support models train on sensitive patient data; deployment decisions touch patient safety, medical-device qualification and professional liability. Teaching innovators to treat legal and ethical requirements as design inputs — rather than after-the-fact paperwork — supports their regulatory readiness work and shortens the path from pilot to responsible practice. AIRecht's broader work on these themes is set out in the analysis of law, ethics and policy of quantum & AI in healthcare and life sciences.

Part of a continuing education practice

From hospital floors to masterclass venues, educating the people who buy, build and use medical AI remains a structural part of AIRecht's practice. The SmartHealth masterclass placed the legal module alongside hands-on clinical and technical teaching — and its core lesson travels well beyond the health sector: an AI system whose legal preconditions are an afterthought will meet its regulator at the worst possible moment, while a system that carries its compliance evidence by design meets the same regulator with a file already open. For the people deciding on medical AI procurement today, that difference is the whole game — and it is decided long before the first patient ever encounters the system.

Last updated: June 9, 2026