For years, a lot of medical AI has marched forward with the same battlefield optimism as every doomed invasion plan in history: ship the model, polish the dashboard, and sort out governance later. This new NPJ Digital Medicine paper suggests that strategy is running out of road fast. Choo and colleagues surveyed 122 developers working on AI in medicine and found something both reassuring and mildly alarming: many of the people building these systems feel personally responsible for doing the right thing, but a lot of them are still operating without firm maps, shared doctrine, or enough institutional backup to keep the whole campaign from turning into a friendly-fire incident Choo et al., 2026.
That matters because medical AI is not a photo filter that makes your lunch look more sincere. These tools can influence diagnoses, triage, documentation, and treatment decisions. In other words, if the supply lines fail here, somebody bleeds.
The front line report
The study asked developers about their awareness, familiarity, and adoption of medical AI regulatory frameworks. The headline numbers are stark. Only 57.4% said they were aware of any relevant frameworks, and just 33.6% said their organizations had formally adopted one Choo et al., 2026. That is not exactly a picture of a tightly drilled regiment.
The interesting twist is that developers did not shrug this off. They ranked robustness as the most important ethical principle and saw themselves as the primary actors responsible for implementing regulatory standards. Translation: the engineers are not trying to dodge the mission. They just do not all have the same briefing packet.
Developers at organizations that had adopted frameworks were more familiar with them, and senior developers scored higher than junior ones. No mystery there. If your unit has a battle plan and a veteran sergeant, people are less likely to wander into a swamp carrying a stochastic parrot with admin access.
Why this skirmish matters more than it sounds
Medical AI regulation can sound like paperwork in a necktie. It is not. It is the difference between "the model looked good in a slide deck" and "this system can be trusted in a clinic at 3:12 a.m. when everyone is tired and the stakes are very real."
That gap between shiny principle and messy practice has shown up before. A 2023 qualitative study of U.S. developers of machine-learning health products found that they recognized risks like bias, privacy problems, and workflow disruption, but that accepted procedures for assessing and mitigating harms were still thin on the ground Nichol et al., 2023. Same war, different foxhole.
Recent literature shows the reinforcement effort is underway. A 2024 review on regulating AI medical devices compared the U.S., EU, and China and found notably different regulatory styles across jurisdictions, which is a polite academic way of saying developers may be fighting on three maps at once Liu et al., 2024. A 2025 framework paper in Scientific Reports proposed ten dimensions for responsible autonomous AI in healthcare, while other 2025 papers in NPJ Digital Medicine pushed practical governance models for health systems and safety-critical evaluation before deployment Alelyani, 2025; Stetson et al., 2025; Wells et al., 2025.
The field is building fortifications. The problem is that many developers are still arriving with shovels instead of blueprints.
The wider campaign is getting louder
This paper also lands at a moment when the broader regulatory theater is heating up. The U.S. FDA says its traditional device framework was not designed for adaptive AI/ML technologies and continues updating guidance and its list of AI-enabled devices, including plans to better identify devices using LLM-like functionality (FDA). In Europe, the AI Act entered into force on August 1, 2024, and high-risk medical AI systems face requirements around risk management, data quality, transparency, and human oversight (European Commission).
Outside regulators, governance is becoming an operational issue. The OECD reported on March 27, 2026 that AI use in health is widespread in administration but still limited at national scale for areas like medical imaging, with regulatory uncertainty and governance gaps slowing broader rollout (OECD). In the U.S., the Joint Commission and CHAI released guidance in September 2025 aimed at helping health systems implement AI safely at scale (Joint Commission).
So the mood on the ground has shifted. This is no longer a side quest for the compliance team. It is central command.
What should developers actually take from this?
First, responsibility without support is not virtue. It is burnout with extra documentation. If developers already see themselves as accountable, organizations need to match that with training, governance processes, clear escalation paths, and time to do validation work that is not glamorous but keeps patients safe.
Second, regulation is not just a barricade. It is also a translation layer between code and care. Done well, it forces teams to answer the annoying grown-up questions: What is the intended use? What happens when the model drifts? Who monitors harm? Who gets the final say? You know, all the questions that magically disappear in product demos.
Third, this study is a warning flare for the generative AI crowd now charging into healthcare with the confidence of a cavalry unit that has never seen mud. Adoption is accelerating, but the old rule still applies: in medicine, "move fast and break things" is less a slogan than a deposition preview.
References
Choo CM, Malik S, Feng M, et al. Examining developer perspectives on medical AI regulatory frameworks. npj Digital Medicine. 2026. DOI: https://doi.org/10.1038/s41746-026-02689-0. PubMed: https://pubmed.ncbi.nlm.nih.gov/42103977/
Nichol AA, Sankar PL, Halley MC, et al. Developer Perspectives on Potential Harms of Machine Learning Predictive Analytics in Health Care: Qualitative Analysis. J Med Internet Res. 2023;25:e47609. DOI: https://doi.org/10.2196/47609. PubMed: https://pubmed.ncbi.nlm.nih.gov/37971798/
Liu Y, Yu W, Dillon T. Regulatory responses and approval status of artificial intelligence medical devices with a focus on China. npj Digital Medicine. 2024;7(1):255. DOI: https://doi.org/10.1038/s41746-024-01254-x. PubMed: https://pubmed.ncbi.nlm.nih.gov/39294318/
Alelyani T. A validated framework for responsible AI in healthcare autonomous systems. Scientific Reports. 2025;15:44432. DOI: https://doi.org/10.1038/s41598-025-25266-z
Stetson PD, Choy J, Summerville N, et al. Responsible Artificial Intelligence governance in oncology. npj Digital Medicine. 2025. DOI: https://doi.org/10.1038/s41746-025-01794-w
Wells BJ, Nguyen HM, McWilliams A, et al. A practical framework for appropriate implementation and review of artificial intelligence (FAIR-AI) in healthcare. npj Digital Medicine. 2025. DOI: https://doi.org/10.1038/s41746-025-01900-y
U.S. Food and Drug Administration. Artificial Intelligence-Enabled Medical Devices. https://www.fda.gov/medical-devices/software-medical-device-samd/artificial-intelligence-enabled-medical-devices
European Commission. Artificial Intelligence in healthcare. https://health.ec.europa.eu/ehealth-digital-health-and-care/artificial-intelligence-healthcare_en
OECD. Scaling Artificial Intelligence in Health. 2026. DOI: https://doi.org/10.1787/a436e12d-en
World Health Organization. Ethics and governance of artificial intelligence for health. 2021. https://www.who.int/publications/i/item/9789240029200
Disclaimer: This blog post is a simplified summary of published research for educational purposes. The accompanying illustration is artistic and does not depict actual model architectures, data, or experimental results. Always refer to the original paper for technical details.