Governing AI in the European Union: emerging infrastructures and regulatory ecosystems in health

The European Union (EU) has been at the forefront of developing sophisticated artificial intelligence (AI) and data governance frameworks, driven by a commitment to data protection, digital rights, fundamental values and ethical standards. This chapter examines the evolving EU AI-related regulations and their potential implications for healthcare, highlighting key instruments including the Artificial Intelligence Act (AI Act), the AI Liability Directive (AILD) and the revised Product Liability Directive (revised PLD), and their intersection with AI medical devices under the Medical Device Regulation (MDR) and generative AI (GenAI). Additionally, it delves into the complex interplay between the General Data Protection Regulation (GDPR) and the AI Act, alongside an examination of the sector-specific European Health Data Space (EHDS) regulation, underscoring the need for additional instruments to govern non-personal data sharing. While the EU’s multifaceted regulatory framework aims to strike a balance between seizing the opportunities of recent AI developments and safeguarding against potential harms, challenges arise from overlapping regulations and the lack of specific healthcare focus. As these regulations come into force, systematic analyses will be imperative to fully assess their impact. Ultimately, calibrating the risks of over- and under-regulation will be a delicate task where potential trade-offs will have to be carefully considered with a keen eye on international competition and the protection of fundamental values.