23 Medical Liability and AI Systems

Learning Objectives

AI introduces novel liability questions that existing medical malpractice frameworks struggle to address. This chapter examines legal responsibilities, regulatory implications, and practical risk mitigation strategies for physicians using AI. You will learn to:

Understand liability allocation when AI systems fail (physician, hospital, vendor)
Navigate FDA regulation and its impact on legal responsibility
Apply relevant legal precedents and emerging case law
Assess professional liability insurance coverage for AI-related claims
Implement documentation practices to minimize liability exposure
Recognize duty of care standards for AI-assisted medicine
Evaluate informed consent requirements for AI use

Essential for all practicing physicians, risk managers, hospital administrators, and legal counsel.

📋 Chapter Summary (TL;DR)

The Central Question: Who is Liable When AI Fails?

Current medical malpractice law evolved for human decision-making. AI complicates traditional liability models:

Physician: Still bears ultimate responsibility for patient care
Hospital/Health System: Liable for system selection and implementation
AI Vendor: Limited liability under current frameworks
Training Data Providers: Emerging area of potential liability

Legal Framework for Medical AI:

✅ Traditional Medical Malpractice Standard: - Duty: Physician owes duty of care to patient - Breach: Deviation from standard of care - Causation: Breach directly caused harm - Damages: Patient suffered compensable injury

AI adds complexity: What is the “standard of care” for AI use?

✅ Physician Liability Scenarios:

Scenario 1: Following AI Recommendation That Harms Patient - Physician used FDA-cleared AI - AI suggested inappropriate treatment - Physician followed recommendation without independent verification - Likely Outcome: Physician liable if failed to exercise independent judgment - Key Principle: AI is a tool, not a substitute for clinical reasoning (Char, Shah, and Magnus 2018)

Scenario 2: Ignoring Correct AI Recommendation - AI correctly identifies critical finding (e.g., pulmonary embolism on CT) - Physician dismisses or overlooks AI alert - Patient suffers harm from missed diagnosis - Likely Outcome: Physician liable if AI use is standard of care in that specialty - Key Principle: Once AI becomes standard practice, failure to use or heed it may constitute negligence (Topol 2019)

Scenario 3: Using Non-FDA-Cleared AI - Physician uses experimental or internally-developed AI - AI produces erroneous result - Patient harmed - Likely Outcome: Higher liability exposure without regulatory clearance - Key Principle: FDA clearance provides (limited) legal protection

Scenario 4: AI System Malfunction - FDA-cleared AI produces error due to software bug - Physician reasonably relied on system - Patient harmed - Likely Outcome: Shared liability between physician (duty to verify) and vendor (product liability) - Key Principle: “Black box” AI doesn’t absolve physician responsibility

FDA Regulation and Liability:

✅ FDA Device Classification Impact:

Class I (Low Risk): - Minimal regulatory requirements - Limited legal protection from FDA clearance - Examples: Dental caries detection, skin lesion triage apps

Class II (Moderate Risk): - 510(k) clearance required (substantial equivalence) - Provides some legal protection if used as intended - Examples: CAD systems for mammography, diabetic retinopathy screening - Most common category for medical AI

Class III (High Risk): - Premarket approval (PMA) required (rigorous clinical trials) - Strongest legal protection if FDA-approved - Examples: Autonomous diagnostic systems, treatment decision algorithms - Very few AI systems reach this bar

✅ FDA Clearance Does NOT Mean: - Complete protection from liability - AI is infallible or perfect - Physician can abdicate clinical judgment - Standard of care is automatically met

✅ FDA Clearance DOES Mean: - Device met regulatory safety/effectiveness standards - Evidence of reasonable performance in defined population - Predicate device exists with known track record (510(k)) - May shift burden in litigation (defendant can argue regulatory compliance)

Documentation to Minimize Liability:

✅ Essential Documentation Practices:

1. Document AI Use in Clinical Note:

Assessment and Plan:
[Clinical reasoning]

AI Decision Support Used:
- System: [Name, version] (FDA 510(k) cleared)
- AI Output: [Summary of AI recommendation]
- Clinical Judgment: [How physician integrated/modified AI recommendation]
- Rationale: [Why physician agreed/disagreed with AI]

Why This Matters: - Demonstrates independent clinical judgment - Shows thoughtful integration of AI - Provides evidence of reasonable care - Protects against both over-reliance and under-reliance claims

2. Document Deviations from AI Recommendations:

AI Recommendation: [Treatment A]
Clinical Decision: Selected [Treatment B] instead
Rationale: [Patient-specific factors: comorbidities, preferences, contraindications]

Professional Liability Insurance:

✅ Key Policy Questions to Ask Your Insurer:

Does the policy cover AI-assisted clinical decisions?
- Most policies: Yes (AI is a “tool”)
- Verify explicitly in writing
Are there exclusions for specific AI technologies?
- Experimental AI, non-FDA-cleared AI?
- Autonomous vs. assistive AI?
What are notice requirements if AI-related adverse event occurs?
- Immediate reporting?
- Documentation standards?
Does policy cover defense costs for regulatory investigations (FDA, CMS)?
- Not all policies include regulatory defense

23.1 Legal Duties in the Age of AI

23.1.1 The Physician’s Core Duty Remains Unchanged

Despite technological advances, the fundamental principle of medical liability persists: physicians owe patients a duty to provide care that meets the applicable standard of care. AI doesn’t eliminate this duty - it transforms it.

The standard of care is defined as what a reasonable, prudent physician would do in similar circumstances. As AI becomes integrated into clinical practice, courts will grapple with defining this standard in AI-augmented contexts (Char, Shah, and Magnus 2018).

23.1.2 Three Emerging Legal Duties

1. Duty to Use AI When It’s Standard of Care

As AI systems demonstrate superior performance and gain widespread adoption, failure to use them may constitute negligence. For example:

Diabetic retinopathy screening: IDx-DR is FDA-approved for autonomous screening. In communities where it’s deployed, not offering screening (when clinically indicated) could breach duty of care (Abràmoff et al. 2018).
Medication interaction checking: Computerized drug interaction systems are ubiquitous. Failure to use them (or ignoring their alerts without documentation) is strong evidence of negligence in medication error cases.

2. Duty to Understand AI Limitations

Physicians must understand what AI systems can and cannot do. Blind reliance on AI is negligence. This includes:

Knowing validation populations: Using an AI system on patients outside its validated population is risky (e.g., pediatric AI applied to adults; AI trained on one racial group applied to others) (Obermeyer et al. 2019).
Recognizing failure modes: Understanding when AI is likely to fail (rare diseases, atypical presentations, edge cases) (Beam, Manrai, and Ghassemi 2020).
Monitoring performance: Awareness of real-world performance data, not just development/validation metrics (Wong et al. 2021).

3. Duty to Exercise Independent Judgment

AI is a tool, not a replacement for physician reasoning. Courts will hold physicians responsible for AI-assisted decisions if they:

Fail to critically evaluate AI recommendations
Accept implausible AI outputs without verification
Delegate decision-making authority to AI
Lose competency to practice without AI assistance

This is analogous to calculator use: physicians can use calculators for eGFR, but must recognize when results don’t make clinical sense (Topol 2019).

23.2 Allocation of Liability: Who Pays When AI Fails?

23.2.1 The “Liability Gap” Problem

Traditional medical malpractice assigns liability clearly: the physician made a decision, and if it breached the standard of care and caused harm, the physician (and employer hospital) are liable. AI introduces uncertainty:

Physician claims: “I relied on FDA-cleared AI; the AI was wrong.”
Vendor claims: “We provided accurate risk information; the physician misused our system.”
Hospital claims: “We implemented AI per vendor specifications; the physician didn’t follow protocols.”

This diffusion of responsibility creates a “liability gap” where injured patients may struggle to recover damages (Char, Shah, and Magnus 2018).

23.2.2 Physician Liability Scenarios in Detail

Scenario A: Negligent Use of AI

A radiologist uses an AI chest X-ray system for pneumonia detection. The AI flags a nodule as benign. The radiologist doesn’t independently review the image and misses a lung cancer.

Legal Analysis: - Physician breached duty of care by failing to independently interpret the image - AI assistance doesn’t reduce radiologist’s responsibility - Analogous to ignoring a consultant’s report without independent assessment - Result: Physician (and employer) liable

Key Legal Principle: AI is consultative, not substitutive. Physicians must maintain independent competence (Rajkomar, Dean, and Kohane 2019).

Scenario B: Reasonable Reliance on Defective AI

A dermatologist uses an FDA-cleared AI skin lesion analyzer. The AI has a systematic defect: it misclassifies melanomas in darker skin tones due to training data bias. The dermatologist reasonably relies on the AI and misses a melanoma in a Black patient.

Legal Analysis: - Physician exercised reasonable care given FDA clearance and marketed accuracy - AI system has a design defect (biased training data) - Vendor may face product liability - Result: Shared liability or vendor liability under product liability theory (Daneshjou et al. 2022)

Key Legal Principle: FDA clearance provides some protection if AI has systematic defect not apparent to reasonable user.

Scenario C: Ignoring AI Warning

An emergency physician evaluates a patient with chest pain. An AI-enabled ECG system flags high-risk features of acute coronary syndrome. The physician dismisses the alert without documentation, diagnoses anxiety, and discharges the patient. The patient suffers a myocardial infarction.

Legal Analysis: - If AI use is standard of care in that setting, ignoring AI without documented reasoning is negligence - Analogous to ignoring abnormal lab value - Burden on physician to justify clinical judgment that contradicted AI - Result: Physician liable (Attia et al. 2019)

Key Legal Principle: Once AI is standard of care, ignoring it requires documented justification.

23.2.3 Hospital and Health System Liability

Hospitals face distinct liability theories:

1. Vicarious Liability (Respondeat Superior): - Hospital liable for employed physicians’ negligence - Standard doctrine; AI doesn’t change this

2. Corporate Negligence: - Hospital’s independent duty to ensure quality care - Includes: credentialing, equipment maintenance, policy development - AI-Specific Duties: - Selecting appropriate AI systems (due diligence) - Training staff on AI use - Monitoring AI performance post-deployment - Maintaining AI system updates/patches - Establishing AI governance (Kelly et al. 2019)

Example: A hospital deploys a sepsis prediction AI without training clinical staff. Nurses ignore alerts because they don’t understand the system. Patients suffer harm from delayed sepsis recognition. Result: Hospital liable for negligent implementation (Sendak et al. 2020).

3. Failure to Adopt AI (Emerging Theory): - As AI becomes standard, not adopting it may be corporate negligence - Analogous to failure to adopt other safety technologies - Not yet legally established, but plausible future claim (Topol 2019)

23.2.4 Vendor Liability

AI vendors face limited liability under current frameworks, but this is evolving:

Traditional Product Liability Theories:

1. Design Defect: - AI system systematically produces errors due to design (e.g., biased training data, inappropriate algorithm) - Plaintiff must show: (a) alternative safer design was feasible, (b) defect caused harm - Challenge: Defining “defect” for probabilistic AI is difficult (all AI has error rates) (Beam, Manrai, and Ghassemi 2020)

2. Manufacturing Defect: - Software bug or deployment error causes AI to malfunction - Differs from design: specific instance departed from intended design - Example: Software update introduces bug causing misclassification

3. Failure to Warn: - Vendor didn’t adequately warn users about AI limitations, failure modes, or misuse risks - Examples: - Insufficient information about validation population - Inadequate guidance on when not to use AI - Failure to disclose known error patterns (Nagendran et al. 2020)

Challenges in Applying Product Liability to AI:

“Learned Intermediary” Doctrine: Vendors may argue physician is the “learned intermediary” who should understand and mitigate AI risks (similar to pharmaceutical liability).
Software vs. Device Distinction: Software has traditionally faced lower liability standards than physical devices (no strict liability in many jurisdictions).
Causation Difficulties: Hard to prove AI (vs. physician’s judgment) caused the harm.

23.3 FDA Regulation and Legal Implications

23.3.1 FDA’s Framework for AI as Medical Devices

The FDA regulates AI/ML-based software as “Software as a Medical Device” (SaMD) under the Federal Food, Drug, and Cosmetic Act. The regulatory pathway depends on risk classification:

Class I (Low Risk): - Examples: Administrative tools, dental caries detection - Regulatory Burden: Minimal; general controls only - Legal Implication: FDA clearance provides minimal legal protection

Class II (Moderate Risk): - Examples: CAD systems, diagnostic assistance tools - Regulatory Burden: 510(k) premarket notification (demonstrate “substantial equivalence” to predicate device) - Legal Implication: Moderate protection if device used as labeled - Most medical AI falls here (Topol 2019)

Class III (High Risk): - Examples: Autonomous diagnostic/treatment systems - Regulatory Burden: Premarket Approval (PMA) requiring clinical trials - Legal Implication: Strong protection if PMA approved; rarely granted for AI

23.3.2 FDA’s AI/ML-Based SaMD Action Plan

The FDA is adapting regulations for AI’s unique characteristics (continuous learning, performance drift). Key components:

1. Pre-Determined Change Control Plan (PCCP): - Allows AI updates without new FDA submission if changes are within pre-specified parameters - Vendor must demonstrate “Software as a Medical Device Pre-Specifications” (SPS) and “Algorithm Change Protocol” (ACP) - Legal Implication: Creates framework for continuous improvement, but also continuous liability exposure if updates introduce errors (He et al. 2019)

2. Good Machine Learning Practice (GMLP): - Quality management principles for AI development - Covers data quality, model design, testing, monitoring - Legal Implication: Adherence to GMLP could be evidence of reasonable care; violation could be negligence per se

3. Real-World Performance Monitoring: - FDA expects post-market surveillance of AI performance - Vendors must detect and report performance degradation - Legal Implication: Failure to monitor or act on degrading performance could be basis for vendor liability (Finlayson et al. 2021)

23.3.3 Legal Effect of FDA Clearance

What FDA Clearance Means Legally:

✅ Provides some legal protection (not absolute): - Evidence device met regulatory standards at time of clearance - May shift burden of proof in litigation (defendant argues regulatory compliance as defense) - Useful in defending against product liability claims

❌ Does NOT protect against: - Off-label use (using device outside FDA-cleared indications) - Negligent use by physicians - Misrepresentation of capabilities by vendors - Manufacturing defects post-clearance (Char, Shah, and Magnus 2018)

“Regulatory Compliance Defense”: - Some jurisdictions recognize compliance with FDA regulations as defense to product liability claims - Others hold regulatory compliance is “floor, not ceiling” and doesn’t preclude liability - Varies significantly by state

23.3.4 Non-FDA-Cleared AI: Legal Minefield

Many AI tools in medicine lack FDA clearance: - Clinical decision support tools exempt under “CDS exemption” (21st Century Cures Act) - Internally developed “clinical algorithms” - Research or experimental AI - AI tools developed for quality improvement

Legal Risk: - No regulatory vetting increases liability exposure - Difficult to defend use in malpractice case (“Why did you use an unproven tool?”) - May violate professional liability insurance terms

Risk Mitigation for Non-Cleared AI: - Institutional Review Board (IRB) review if research - Informed consent disclosing experimental nature - Robust internal validation before clinical use - Clear documentation that AI is adjunctive, not dispositive (Beam, Manrai, and Ghassemi 2020)

23.4 Evolving Legal Standards and Case Law

23.4.1 Why So Few Cases?

Despite widespread AI use, few medical malpractice cases involving AI have reached courts. Reasons include:

Cases Settle: Most malpractice claims settle confidentially, preventing precedent development
Causation Challenges: Plaintiffs must prove AI (not physician error) caused harm - difficult to establish
AI is Recent: Many AI deployments are too new for adverse outcomes to reach litigation stage (cases take years)
Liability Diffusion: Uncertainty about whom to sue (physician, hospital, vendor) may deter plaintiffs’ attorneys

23.4.2 Analogous Precedents Courts May Apply

Computer-Aided Detection (CAD) Cases:

Although rare, a few cases involve older CAD systems (pre-deep learning):

Holding: Radiologists remain fully responsible for interpretation; CAD doesn’t reduce standard of care (Lehman et al. 2015)
Rationale: CAD is a “second opinion” tool; radiologists must independently interpret images
Application to Modern AI: Courts likely to apply same reasoning to advanced AI systems

Medical Device Product Liability:

Hundreds of cases involve medical device failures (pacemakers, surgical robots, infusion pumps). Key principles:

Strict Liability: Manufacturers liable for defective products regardless of negligence (in most states)
Design Defect: Product unreasonably dangerous as designed (risk-utility balancing test)
Learned Intermediary Doctrine: Physician is the “learned intermediary” who understands risks and advises patients; reduces vendor’s duty to warn patients directly

Application to AI: - AI as “software device” may face similar strict liability - Design defect claims for biased training data, inadequate validation - Learned intermediary doctrine may protect vendors if physicians should have known AI limitations (Char, Shah, and Magnus 2018)

23.4.3 The “Black Box” Problem and Explainability

A unique AI legal challenge: many AI systems (especially deep learning) are “black boxes” - even developers can’t fully explain individual predictions.

Legal Questions: - Can physicians reasonably rely on unexplainable AI? - Does lack of explainability constitute a design defect or failure to warn? - Can informed consent be meaningful if mechanism is unknown?

Current Thinking: - FDA doesn’t require full explainability, only performance validation - Courts likely to accept black-box AI if: - Rigorously validated in relevant populations - Performs at least as well as humans - Users understand limitations and don’t blindly trust it (Rudin 2019)

However: EU’s AI Act and GDPR create “right to explanation” in certain contexts, which may influence U.S. legal evolution.

23.4.4 Future Legal Developments to Watch

1. Specialty Society Guidelines: - American College of Radiology, American Pathology Association, others are developing AI use guidelines - These guidelines may become legal standard of care (courts often defer to professional society standards) - Physicians should monitor and follow emerging guidelines (Topol 2019)

2. State Medical Board Regulations: - Some states exploring AI-specific regulations for physicians - May require training, competency assessment, specific documentation practices - Violations could constitute professional misconduct

3. CMS Reimbursement Conditions: - Medicare may condition reimbursement on AI safety practices - E.g., require monitoring programs, adverse event reporting for certain AI uses - Would indirectly create legal standards

4. International Regulatory Influence: - EU’s AI Act classifies medical AI as “high-risk” - Requires conformity assessments, human oversight, transparency - U.S. companies competing globally may adopt these higher standards, influencing U.S. practice

23.5 Practical Documentation Strategies

Effective documentation is the best liability protection. AI requires specific documentation practices beyond traditional clinical notes.

23.5.1 Template: AI-Assisted Diagnosis Documentation

Chief Complaint: [Standard documentation]

History of Present Illness: [Standard documentation]

Physical Examination: [Standard documentation]

Diagnostic Studies:
- [Imaging/labs ordered]

AI-Assisted Interpretation:
- System Used: [Name, version, FDA clearance status]
- AI Finding: [Summary of AI output, e.g., "AI flagged 2.3 cm nodule
  in RLL with malignancy probability 78%"]
- Independent Assessment: [Your own interpretation: "Reviewed images
  independently. Concur with AI identification of nodule. Morphology
  concerning for malignancy given irregular margins and spiculation."]
- Synthesis: [How you integrated AI into clinical reasoning: "Given
  patient's smoking history, nodule characteristics per AI analysis,
  and my independent assessment, high suspicion for lung malignancy.
  Discussed findings with patient and recommended PET-CT and
  pulmonology referral for biopsy."]

Assessment and Plan: [Standard documentation incorporating above]

23.5.2 Template: Documentation When Disagreeing with AI

AI-Assisted Analysis:
- System Used: [Name, version]
- AI Recommendation: [What AI suggested, e.g., "AI sepsis alert triggered;
  recommended blood cultures and broad-spectrum antibiotics"]
- Clinical Judgment: [Your assessment: "Reviewed AI inputs. Patient's
  vital sign changes explained by pain and anxiety related to fracture.
  No signs of infection on examination. Lactate normal. WBC normal."]
- Decision: [What you did: "Did not initiate sepsis protocol. Continued
  fracture care. Will monitor for signs of infection. Discussed rationale
  with nursing staff to avoid alert fatigue on future similar cases."]

Why This Documentation Protects You: - Demonstrates you didn’t ignore AI blindly - Shows independent clinical reasoning - Provides rationale for deviation - Evidence of thoughtful risk-benefit analysis (Reddy et al. 2020)

23.5.3 Template: Informed Consent for Significant AI Use

Informed Consent Discussion: AI-Assisted Treatment Planning

Discussed with patient:
1. Treatment planning will utilize [AI system name], FDA-cleared software
   that analyzes [patient data type] to recommend [treatment options]

2. AI accuracy: System has been shown to be accurate in approximately [X]%
   of cases based on clinical studies. However, it is not perfect and can
   make errors, particularly in [known limitations].

3. Physician role: I will review the AI recommendations and use my medical
   judgment and expertise to develop a personalized treatment plan. The AI
   assists me but does not make the final decisions.

4. Patient data use: Your medical information will be analyzed by the AI
   system. Data is [de-identified/kept confidential] and [does/does not]
   leave our institution.

5. Alternatives: We can develop a treatment plan without using AI, relying
   on standard clinical guidelines and my expertise.

6. Patient questions: [Document any questions and your answers]

7. Patient decision: Patient [consents/declines] AI-assisted treatment
   planning.

Signature: ___________________ Date: ___________

23.5.4 Red Flag Documentation: What NOT to Do

❌ Avoid:

“Followed AI recommendation” (implies no independent thought)
“AI cleared the patient” (AI doesn’t have authority)
No mention of AI when it materially influenced decision (lack of transparency)
Generic documentation that doesn’t specify which AI system or its output

✅ Better:

“Integrated AI analysis into clinical decision-making as follows…”
“After reviewing AI output and independently assessing patient, my clinical judgment is…”
“AI system provided supplemental data that, combined with [other clinical information], informed my decision to…” (Price and Cohen 2019)

23.6 Professional Liability Insurance Considerations

23.6.1 Understanding Your Coverage

Most physicians have occurrence-based or claims-made professional liability insurance. These policies generally cover: - Negligent acts, errors, or omissions in rendering professional services - Defense costs for malpractice claims

AI-Specific Questions:

1. Does your policy explicitly exclude AI-related claims? - Most policies don’t explicitly address AI - Absence of exclusion generally means coverage exists - Action: Request written confirmation from insurer that AI-assisted clinical decisions are covered

2. Are there conditions on AI use for coverage to apply? - Some insurers require FDA-cleared AI only - Some require institutional approval/governance - Some require specific training or credentialing - Action: Review policy carefully; comply with any stated conditions

3. What are notice requirements if AI-related incident occurs? - Most policies require “prompt” notice of incidents that could lead to claims - Define AI-related incidents covered: adverse outcomes, near misses, system malfunctions - Action: Clarify with insurer what constitutes reportable AI incident

4. Does coverage extend to AI implementation or governance roles? - Clinical informaticists selecting AI systems - Quality improvement work involving AI deployment - AI governance committee participation - Action: These may be administrative functions outside standard clinical coverage; verify coverage (Char, Shah, and Magnus 2018)

23.6.2 Emerging Insurance Products

The insurance market is adapting to AI:

AI Technology Liability Insurance: - Covers AI developers/vendors - May include coverage for clinical deployment partners - Some vendors offer coverage to provider customers as part of service agreements

Cyber Liability Insurance with AI Provisions: - Covers data breaches compromising AI systems - Covers AI-targeted cyberattacks (adversarial attacks) - Relevant as AI systems become attack vectors (Finlayson et al. 2019)

Shared/Hybrid Models: - Hospital + physician + vendor shared coverage - Allocates liability risk contractually - Still experimental; not widely available

23.6.3 Insurance Carrier Risk Management Recommendations

Many insurers now provide AI-specific risk management guidance to policyholders:

Training documentation: Keep records of AI training completion
Competency assessment: Demonstrate proficiency before independent AI use
Audit participation: Engage in institutional AI performance audits
Incident reporting: Report AI near-misses and adverse events
Documentation standards: Follow insurer-recommended documentation templates

Following these recommendations may: - Reduce premiums - Provide affirmative defense in claims - Demonstrate reasonable care (Kelly et al. 2019)

23.7 Conclusion and Recommendations

23.7.1 For Individual Physicians

1. Educate Yourself: - Understand AI systems you use: validation data, limitations, error rates - Stay current with specialty society guidelines on AI - Participate in AI training offered by your institution

2. Document Thoroughly: - Use AI-specific documentation templates - Demonstrate independent clinical judgment - Explain deviations from AI recommendations

3. Verify Insurance Coverage: - Confirm AI-assisted care is covered - Understand notice requirements for AI incidents - Ask about emerging AI-specific riders or exclusions

4. Maintain Clinical Skills: - Practice diagnostic reasoning without AI intermittently - Don’t become over-reliant on AI - Ensure you can deliver standard care if AI unavailable

5. Communicate Transparently: - Inform patients when AI materially influences care - Address patient concerns or preferences - Document informed consent when appropriate (Topol 2019)

23.7.2 For Hospitals and Health Systems

1. Establish AI Governance: - Create multidisciplinary AI governance committee - Develop AI procurement and vetting standards - Implement post-deployment monitoring programs

2. Provide Training and Support: - Mandatory training before AI system access - Ongoing education on updates and new systems - Clinical decision support for understanding AI outputs

3. Develop Legal Infrastructure: - Review vendor contracts for liability provisions - Ensure professional liability insurance covers AI use - Create AI-specific policies and procedures - Establish adverse event reporting systems (Reddy et al. 2020)

4. Monitor and Audit: - Regular performance audits comparing real-world to validation results - Detect and respond to performance drift - Track subgroup performance to identify disparate impact (Obermeyer et al. 2019)

5. Foster Safety Culture: - Encourage reporting of AI errors and near-misses - Non-punitive learning environment - Systematic analysis of AI-related incidents - Continuous quality improvement

23.7.3 For AI Vendors

1. Transparency: - Provide clear validation data and performance metrics - Disclose training data characteristics and limitations - Communicate known failure modes and edge cases

2. Post-Market Surveillance: - Monitor real-world performance actively - Provide performance feedback to customers - Issue alerts if performance degradation detected

3. User Training: - Comprehensive training programs for clinical users - Competency assessment before independent use - Ongoing education on updates and new features

4. Contractual Clarity: - Clear liability allocation in service agreements - Consider offering indemnification or insurance coverage - Define respective responsibilities of vendor and provider (Nagendran et al. 2020)

5. Regulatory Compliance: - Pursue FDA clearance/approval when appropriate - Follow Good Machine Learning Practice principles - Engage proactively with regulators

23.7.4 The Path Forward

Medical liability law is struggling to keep pace with AI innovation. Current frameworks evolved for human decision-making and physical devices; AI challenges these models. Over the next decade, we will see:

Clearer legal standards as cases reach courts and precedents develop
Regulatory evolution at FDA, state medical boards, and CMS
Professional society guidance establishing specialty-specific AI standards of care
Insurance market adaptation with AI-specific products and risk management tools

In this uncertain legal environment, the principles of good medicine remain constant:

Patient safety first: Use AI to improve care, not replace judgment
Transparency: With patients, colleagues, and regulators
Continuous learning: About AI capabilities, limitations, and evolving standards
Humility: Recognize AI is a tool that augments, not supplants, clinical expertise
Documentation: Create clear records of AI-assisted decision-making (Char, Shah, and Magnus 2018)

Physicians who embrace these principles while staying informed about legal developments will minimize liability exposure while maximizing AI’s potential to improve patient care.

23.8 Clinical Bottom Line

🎯 Key Takeaways

Liability Reality: 1. Physicians remain primarily liable for AI-assisted decisions - AI doesn’t transfer responsibility 2. FDA clearance provides some legal protection but doesn’t absolve physicians of independent judgment 3. As AI becomes standard of care, failure to use it may constitute negligence - emerging legal theory 4. Documentation is critical - demonstrate independent reasoning and thoughtful AI integration

Risk Mitigation Priorities: 1. Know your AI systems: validation data, limitations, FDA status 2. Document AI use explicitly: system used, output, independent assessment, synthesis 3. Maintain clinical competence: don’t become AI-dependent 4. Verify insurance coverage: confirm AI-assisted care is covered; understand reporting requirements 5. Follow institutional protocols: training, governance, adverse event reporting

Legal Landscape: - Few cases have reached courts; law is evolving - Expect increased litigation as AI becomes ubiquitous - Specialty society guidelines will shape legal standards of care - Insurance markets adapting with new products and requirements

The Non-Negotiable Rule: AI assists; physicians decide. Courts will hold you accountable for AI-assisted decisions as if they were entirely your own. Use AI wisely, verify outputs, document thoroughly, and never abdicate clinical judgment to an algorithm.

References

Abràmoff, Michael D., Philip T. Lavin, Michele Birch, Nilay Shah, and James C. Folk. 2018. “Pivotal Trial of an Autonomous AI-Based Diagnostic System for Detection of Diabetic Retinopathy in Primary Care Offices.” Npj Digital Medicine 1 (1): 1–8. https://doi.org/10.1038/s41746-018-0040-6.

Attia, Zachi I., Peter A. Noseworthy, Francisco Lopez-Jimenez, Samuel J. Asirvatham, Abhishek J. Deshmukh, Bernard J. Gersh, Rickey E. Carter, et al. 2019. “An Artificial Intelligence-Enabled ECG Algorithm for the Identification of Patients with Atrial Fibrillation During Sinus Rhythm: A Retrospective Analysis of Outcome Prediction.” The Lancet 394 (10201): 861–67. https://doi.org/10.1016/S0140-6736(19)31721-0.

Beam, Andrew L., Arjun K. Manrai, and Marzyeh Ghassemi. 2020. “Challenges to the Reproducibility of Machine Learning Models in Health Care.” JAMA 323 (4): 305–6. https://doi.org/10.1001/jama.2019.20866.

Char, Danton S., Nigam H. Shah, and David Magnus. 2018. “Implementing Machine Learning in Health Care: Addressing Ethical Challenges.” New England Journal of Medicine 378 (11): 981–83. https://doi.org/10.1056/NEJMp1714229.

Daneshjou, Roxana, Kailas Vodrahalli, Roberto A. Novoa, Melissa Jenkins, Weixin Liang, Veronica Rotemberg, Justin Ko, et al. 2022. “Disparities in Dermatology AI Performance on a Diverse, Curated Clinical Image Set.” Science Advances 8 (32): eabq6147. https://doi.org/10.1126/sciadv.abq6147.

Finlayson, Samuel G., John D. Bowers, Joichi Ito, Jonathan L. Zittrain, Andrew L. Beam, and Isaac S. Kohane. 2019. “Adversarial Attacks on Medical Machine Learning.” Science 363 (6433): 1287–89. https://doi.org/10.1126/science.aaw4399.

Finlayson, Samuel G., Adarsh Subbaswamy, Karandeep Singh, John Bowers, Annabel Kupke, Jonathan Zittrain, Isaac S. Kohane, and Suchi Saria. 2021. “The Clinician and Dataset Shift in Artificial Intelligence.” New England Journal of Medicine 385 (3): 283–86. https://doi.org/10.1056/NEJMc2104626.

He, Jiang, Sally L. Baxter, Jie Xu, Jiming Xu, Xingtao Zhou, and Kang Zhang. 2019. “The Practical Implementation of Artificial Intelligence Technologies in Medicine.” Nature Medicine 25 (1): 30–36. https://doi.org/10.1038/s41591-018-0307-0.

Kelly, Christopher J., Alan Karthikesalingam, Mustafa Suleyman, Greg Corrado, and Dominic King. 2019. “Key Challenges for Delivering Clinical Impact with Artificial Intelligence.” BMC Medicine 17 (1): 1–9. https://doi.org/10.1186/s12916-019-1426-2.

Lehman, Constance D., Robert D. Wellman, Diana S. M. Buist, Karla Kerlikowske, Anna N. A. Tosteson, and Diana L. Miglioretti. 2015. “Diagnostic Accuracy of Digital Screening Mammography with and Without Computer-Aided Detection.” JAMA Internal Medicine 175 (11): 1828–37. https://doi.org/10.1001/jamainternmed.2015.5231.

Nagendran, Myura, Yang Chen, Christopher A. Lovejoy, Anthony C. Gordon, Matthieu Komorowski, Hugh Harvey, Eric J. Topol, John P. A. Ioannidis, Gary S. Collins, and Mahiben Maruthappu. 2020. “Artificial Intelligence Versus Clinicians: Systematic Review of Design, Reporting Standards, and Claims of Deep Learning Studies.” BMJ 368. https://doi.org/10.1136/bmj.m689.

Obermeyer, Ziad, Brian Powers, Christine Vogeli, and Sendhil Mullainathan. 2019. “Dissecting Racial Bias in an Algorithm Used to Manage the Health of Populations.” Science 366 (6464): 447–53. https://doi.org/10.1126/science.aax2342.

Price, W. Nicholson, and I. Glenn Cohen. 2019. “Privacy in the Age of Medical Big Data.” Nature Medicine 25 (1): 37–43. https://doi.org/10.1038/s41591-018-0272-7.

Rajkomar, Alvin, Jeffrey Dean, and Isaac Kohane. 2019. “Machine Learning in Medicine.” New England Journal of Medicine 380 (14): 1347–58. https://doi.org/10.1056/NEJMra1814259.

Reddy, Sandeep, Sonia Allan, Simon Coghlan, and Paul Cooper. 2020. “A Governance Model for the Application of AI in Health Care.” Journal of the American Medical Informatics Association 27 (3): 491–97. https://doi.org/10.1093/jamia/ocz192.

Rudin, Cynthia. 2019. “Stop Explaining Black Box Machine Learning Models for High Stakes Decisions and Use Interpretable Models Instead.” Nature Machine Intelligence 1: 206–15. https://doi.org/10.1038/s42256-019-0048-x.

Sendak, Mark P., William Ratliff, David Sarro, Elizabeth Alderton, Joseph Futoma, Michael Gao, Marshall Nichols, et al. 2020. “Real-World Integration of a Sepsis Deep Learning Technology into Routine Clinical Care: Implementation Study.” JMIR Medical Informatics 8 (7): e15182. https://doi.org/10.2196/15182.

Topol, Eric J. 2019. “High-Performance Medicine: The Convergence of Human and Artificial Intelligence.” Nature Medicine 25 (1): 44–56. https://doi.org/10.1038/s41591-018-0300-7.

Wong, Andrew, Erkin Otles, John P. Donnelly, Andrew Krumm, Jeffrey McCullough, Olivia DeTroyer-Cooley, Justin Pestrue, et al. 2021. “External Validation of a Widely Implemented Proprietary Sepsis Prediction Model in Hospitalized Patients.” JAMA Internal Medicine 181 (8): 1065–70. https://doi.org/10.1001/jamainternmed.2021.2626.