---
title: "Agent governance in healthcare: EU AI Act, EHDS and the Nordic compliance stack"
date: 2026-04-07
author: david
excerpt: "Healthcare has always been the most heavily regulated domain for technology. AI agents are about to collide with five European regulations simultaneously, and 92.7% of healthcare organizations with active agent deployments already report security incidents."
category: governance
tags: [governance, healthcare, eu-ai-act, gdpr, ehds, nordic, compliance, medical-devices, nis2]
draft: false
tldr: "Healthcare AI agents face five converging European regulations: the EU AI Act, GDPR, the European Health Data Space, the Medical Device Regulation and NIS2. ECRI named AI the number one health technology hazard for both 2025 and 2026. Among organizations with active agent deployments, 92.7% of healthcare organizations reported security incidents, the highest of any industry. Governance requires agent identity controls, immutable audit trails, tiered human oversight with clinical accountability, continuous post-market monitoring and cross-border data governance across the EHDS."
seo:
  title: "Agent governance in healthcare: EU AI Act, EHDS and the Nordic compliance stack | Roval"
  description: "Five European regulations converge on healthcare AI agents. A practical governance framework for the EU AI Act, GDPR, EHDS, MDR and NIS2 compliance."
faqs:
  - question: "Does the EU AI Act apply to healthcare AI agents?"
    answer: "Yes. Healthcare agents fall under the Act through multiple pathways. Agents used for emergency triage are explicitly high-risk under Annex III point 5(d). Agents used for health insurance risk assessment are high-risk under 5(c). Agents evaluating eligibility for healthcare services are high-risk under 5(a). And any agent that qualifies as a medical device under the MDR is automatically high-risk under Article 6(1). Administrative agents (scheduling, billing) may qualify for the Article 6(3) derogation if they perform narrow procedural tasks."
  - question: "How do GDPR and the AI Act interact for healthcare agents?"
    answer: "They apply in parallel. GDPR governs the data protection aspects (lawful basis for processing health data, data minimization, data subject rights, breach notification). The AI Act governs the system-level aspects ([risk classification](/research/blog/ai-agent-risk-classification), technical documentation, human oversight, logging, accuracy). Both require audit trails. Both require impact assessments. The efficient approach is one unified governance framework that generates evidence for both simultaneously."
  - question: "What is the EHDS and why does it matter for agent governance?"
    answer: "The European Health Data Space is an EU regulation (applying from March 2026) that creates infrastructure for cross-border health data exchange and secondary use. EHR systems must expose standardized APIs. National Health Data Access Bodies govern secondary data use. For AI agents, the EHDS means new data flows to govern. Agents may access patient data across borders, requiring compliance with multiple national frameworks simultaneously."
  - question: "What's the liability exposure for healthcare AI in Europe?"
    answer: "The revised EU Product Liability Directive removes the 85 million euro cap on personal injury liability. Latent injury liability extends up to 25 years. Courts can presume defectiveness for opaque AI systems. AI system logs, risk assessments and audit trails are discoverable. Human-in-the-loop doesn't automatically break the causal chain. The audit trail is your primary defense, and if it's absent, the court presumes your system was defective."
  - question: "How should Nordic healthcare organizations approach compliance?"
    answer: "Build one unified governance infrastructure that satisfies the AI Act, NIS2, GDPR and ISO 42001 simultaneously. Start with a single agent inventory covering risk tier, data categories and regulatory exposure. Implement one incident response workflow with three triggers (cybersecurity incident, data breach, AI serious incident). Conduct combined risk assessments addressing GDPR DPIA, AI Act fundamental rights, NIS2 cyber risks and ISO 42001 requirements. Nordic organizations that treat these as four separate programs will spend more and move slower."
  - question: "Where does Roval fit?"
    answer: "Roval is the enterprise system of record for AI agents. For healthcare organizations, the platform provides the unified agent registry with health-data-aware risk classification, compliance certification against GDPR, the EU AI Act and custom healthcare frameworks, continuous drift detection, immutable audit trails for litigation readiness and production gates that block uncertified clinical agents from reaching production. One platform, one governance workflow, multiple regulatory frameworks satisfied."
---

## The most governed industry meets the least governed technology

Healthcare has always been the most heavily regulated domain for technology. Every system that touches patient data, clinical decisions or care delivery operates under layers of compliance obligations: GDPR, the EU Medical Device Regulation, national health data laws and professional codes of conduct that date back centuries.

AI agents are about to collide with all of them simultaneously.

The collision is already producing casualties. [ECRI](https://home.ecri.org/blogs/ecri-news/artificial-intelligence-tops-2025-health-technology-hazards-list), the global healthcare safety nonprofit, named AI in healthcare the number one health technology hazard for both 2025 and 2026. Their president, Marcus Schabacker, put it directly: "Balancing innovation in AI with privacy and safety will be one of the most difficult, and most defining, endeavors of modern medicine."

For organizations building [agent inventories](/solutions/agent-inventory) today, healthcare is where the governance gap is widest, and where the consequences of that gap are most severe.

:::fact{title="Healthcare AI incidents by the numbers"}
Gravitee's State of AI Agent Security 2026 report found that among organizations with active AI agent deployments, 88% reported confirmed or suspected security incidents in the past year. In healthcare, that number climbs to 92.7%, the highest of any industry. An academic analysis of 82 health-related AI incidents found that 18% had high or critical severity, including cases where AI algorithms delayed organ transplants and caused errors in patient allocation.
:::

This article maps the European regulatory stack for healthcare AI agents (the EU AI Act, GDPR, the European Health Data Space, the Medical Device Regulation and NIS2), explains why autonomous agents create governance challenges that traditional healthcare IT never faced and provides a practical framework for Nordic and European healthcare organizations navigating this convergence.

## The European healthcare AI regulatory stack

Healthcare organizations deploying AI agents in Europe don't face one regulation. They face five, converging simultaneously.

**EU AI Act (high-risk requirements from August 2026).** The Act classifies several healthcare AI use cases as high-risk under [Annex III](https://artificialintelligenceact.eu/annex/3/): AI evaluating eligibility for healthcare services (5a), AI for risk assessment and pricing in life and health insurance (5c) and AI for emergency triage and dispatch classification (5d). Any AI system that qualifies as a medical device under the MDR and requires third-party conformity assessment is automatically high-risk under [Article 6(1)](https://artificialintelligenceact.eu/article/6/). A [PMC analysis of the Act's healthcare implications](https://pmc.ncbi.nlm.nih.gov/articles/PMC11319791/) notes that approximately 75% of all commercial AI-enabled medical devices are in radiology, and almost all are classified as Class IIa or above under the MDR, meaning most will be automatically classified as high-risk under the AI Act.

<figure>
<a href="https://pmc.ncbi.nlm.nih.gov/articles/PMC11319791/" target="_blank" rel="noopener"><img src="/images/blog/pmc-eu-ai-act-healthcare.png" alt="PMC analysis: Navigating the European Union Artificial Intelligence Act for Healthcare" loading="lazy" decoding="async" /></a>
<figcaption>Navigating the EU AI Act for healthcare. Approximately 75% of commercial AI-enabled medical devices are in radiology, and almost all qualify as high-risk | <a href="https://pmc.ncbi.nlm.nih.gov/articles/PMC11319791/" target="_blank" rel="noopener">Source</a></figcaption>
</figure>

**GDPR (in force since 2018, but with new AI-specific enforcement).** Every healthcare AI agent that processes patient data is processing personal data, and often special category data (health data) under Article 9. The [European Data Protection Supervisor published orientations](https://www.edps.europa.eu/system/files/2025-10/25-10_28_revised_genai_orientations_en.pdf) in 2025 on applying data protection principles to generative AI, reinforcing that purpose limitation, data minimization and transparency obligations apply fully to AI systems.

**European Health Data Space (EHDS, regulation applies from March 2026).** The [EHDS](https://health.ec.europa.eu/ehealth-digital-health-and-care/european-health-data-space-regulation-ehds_en) creates a framework for cross-border health data exchange and secondary use. EHR systems must expose standardized APIs. National Health Data Access Bodies will govern secondary use permits. This is the data infrastructure that healthcare AI agents will increasingly connect to, and governance of agent access to EHDS data will become a compliance requirement. The EHDS is expected to generate 11 billion euros in savings over the next decade by enhancing data accessibility, but only if the governance layer keeps pace.

<figure>
<div style="position:relative;padding-bottom:56.25%;height:0;overflow:hidden;border-radius:8px;border:1px solid var(--border)"><iframe src="https://www.youtube.com/embed/p3NAXypKHsM" title="How could the European Health Data Space boost the e-health sector?" style="position:absolute;top:0;left:0;width:100%;height:100%;border:0" allow="accelerometer;autoplay;clipboard-write;encrypted-media;gyroscope;picture-in-picture" allowfullscreen loading="lazy"></iframe></div>
<figcaption>How could the European Health Data Space boost the e-health sector? | <a href="https://www.youtube.com/watch?v=p3NAXypKHsM" target="_blank" rel="noopener">YouTube</a></figcaption>
</figure>

**EU Medical Device Regulation (MDR).** AI that qualifies as Software as a Medical Device ([SaMD](https://mdxcro.com/samd-compliance-guide-mdr-ai-act/)) must undergo conformity assessment, CE marking and post-market surveillance. Clinical decision support tools, diagnostic AI and triage systems are all potentially in scope. The MDR and the AI Act apply in parallel, meaning healthcare AI providers face dual compliance obligations.

**NIS2 Directive (enforcement timelines vary by Nordic country).** NIS2 imposes cybersecurity and incident reporting obligations on essential service providers, including healthcare. As [Twoday's Nordic AI governance analysis](https://www.twoday.com/blog/nordic-ai-governance-in-2026) details, the Nordic enforcement timeline is staggered: Denmark's NIS2 has been mandatory since July 2025, Sweden's entered force in January 2026, Finland's AI Act supervision became active in January 2026 and Norway's AI Act implementation is expected in summer 2026.

No healthcare sector has faced this many overlapping AI regulations at once. Twoday's Alina Negulescu argues that Nordic organizations should build a single unified governance infrastructure (one AI system inventory covering risk tier, sector, data categories, supplier and purpose) that satisfies NIS2, GDPR, the AI Act and ISO 42001 simultaneously, rather than maintaining four separate compliance programs.

## Why healthcare agents are different

Healthcare AI agents don't just process data. They access the most sensitive category of personal data that exists (health records), they operate in environments where errors can cause physical harm or death and they interact with systems (EHRs, pharmacy systems, lab information systems) that are deeply embedded in clinical workflows.

Three characteristics make healthcare agents uniquely challenging to govern.

### The decision authority spectrum

Not all healthcare agents carry the same risk, and the governance requirements should reflect this. A scheduling agent that books patient appointments operates in a fundamentally different risk category than a clinical decision support agent that recommends treatment protocols.

| Agent type | Decision authority | Data access | Risk tier |
|---|---|---|---|
| Scheduling and booking | Read-only, administrative | Minimal (name, appointment) | Low |
| Billing and claims processing | Execute with business rules | Moderate (diagnosis codes, dates of service) | Medium |
| Clinical documentation and transcription | Generate content, human reviews | High (full clinical encounter notes) | High |
| Triage and patient routing | Recommend priority, human acts | High (symptoms, vitals, history) | High |
| Clinical decision support | Recommend treatment, clinician acts | Full (complete patient record) | Critical |
| Autonomous treatment decisions | Act with minimal oversight | Full | Critical |

The EU AI Act's Annex III reinforces this spectrum. Emergency triage systems are explicitly listed as high-risk ([Recital 58](https://artificialintelligenceact.eu/recital/58/) explains that these "make decisions in very critical situations for the life and health of persons"). Insurance risk assessment and pricing for life and health insurance are high-risk under Annex III point 5(c). But a scheduling agent that doesn't materially influence care decisions may qualify for the [Article 6(3) derogation](https://artificialintelligenceact.eu/article/6/) as a "narrow procedural task."

The governance framework must classify each agent on this spectrum and calibrate oversight accordingly, not apply the same controls to a billing bot and a diagnostic agent.

### The minimum necessary principle, reimagined for agents

One of GDPR's foundational principles (and a longstanding healthcare governance requirement) is data minimization. Agents should access only the data they need for their specific function.

This principle, already well-established in European healthcare, takes on new urgency with AI agents. An agent that processes insurance claims needs diagnosis codes and dates of service. It does not need the patient's therapy notes. A transcription agent needs the audio of a clinical encounter. It does not need the patient's full longitudinal record.

But AI agents, by their nature, are often configured with broad access to perform well across varied scenarios. The temptation is to give an agent read access to the entire EHR "just in case." This is precisely what data minimization prohibits, and it's where most healthcare organizations will face their first governance challenge with agents.

Every healthcare agent needs a data access scope that is documented, justified, technically enforced (not just policy-stated) and auditable. The agent registry must capture what data each agent can access, and the monitoring layer must verify that access stays within those boundaries.

### The audit trail as a liability shield

In European healthcare, the audit trail is not just a compliance requirement. It is a legal defense.

The [revised EU Product Liability Directive](https://www.twobirds.com/en/insights/2025/liability-of-healthcare-ai-providers-in-the-eu-how-to-navigate-risks-in-a-shifting-regulatory-ecosys), set to be transposed into member-state law by December 2026, removes the previous 85 million euro liability cap for personal injury from AI systems. Latent injury liability extends up to 25 years. And in cases involving "black-box" AI where causation is difficult to prove, courts can presume the product was defective unless the provider demonstrates otherwise.

:::fact{title="The litigation readiness imperative"}
If an agent contributes to a diagnostic error, a treatment delay or a patient harm event, the provider's audit trail becomes the primary evidence in litigation. The trail must show exactly what data the agent accessed, what reasoning chain it followed, what tools it invoked and what human oversight was available. If the audit trail is absent, incomplete or fragmented, the court can presume defectiveness. Latent injury liability extends up to 25 years under the revised Product Liability Directive.
:::

For healthcare organizations, this shifts the governance calculation. An incomplete audit trail is no longer a compliance gap. It is a legal vulnerability. Every agent interaction with clinical data must be logged with enough detail to reconstruct the decision chain years after the event. The organizations investing in this infrastructure now are building their litigation defense in advance, not after an incident.

The identity layer is equally critical. Healthcare AI agents often inherit the access credentials of the clinician who deployed them, creating a shadow permission structure that no CISO can audit. When an agent acts on behalf of a physician, who is accountable: the physician, the agent's developer or the organization?

Dr. Sean Kelly, chief medical officer at Imprivata and an emergency physician at Beth Israel Deaconess Medical Center, captured the identity governance challenge at [HIMSS26](https://www.healthcaredive.com/news/himss-2026-takeaways-ai-innovation-agents-cybersecurity-governance-interoperability/814812/):

:::cite{name="Dr. Sean Kelly" title="Chief Medical Officer, Imprivata" avatar="/images/experts/sean-kelly.jpg" linkedin="https://linkedin.com/in/erdrsean"}
If you have agentic agents doing things in healthcare, it's a complex and messy situation... The problem is that leaves you very vulnerable because it's even harder than human identity to control and to understand.
:::

## The five governance requirements that hit healthcare agents hardest

### 1. Agent identity and access controls

Every healthcare AI agent needs a unique, verifiable identity, the same governance rigor applied to human users accessing clinical systems. This means individual credentials (not shared API keys), role-based access scoped to the agent's specific function and audit-logged authentication for every system interaction.

The AI Act's [Article 14](https://artificialintelligenceact.eu/article/14/) requires that high-risk AI systems be designed for effective human oversight, including the ability to identify the system and its actions. NIS2 requires identity management for systems accessing essential service infrastructure. GDPR requires that data processing be traceable to specific processors and purposes.

For healthcare specifically, agent identities must integrate with existing clinical identity management. The same systems that govern which physicians can access which patient records must extend to govern which agents can access which data. An agent operating in a radiology workflow should not have credentials that grant access to behavioral health records.

### 2. Immutable audit trails

The EU AI Act's [Article 12](https://artificialintelligenceact.eu/article/12/) requires automatic event logging for high-risk AI systems throughout their lifetime. For healthcare agents, this means logging every clinical data access, every tool invocation, every recommendation generated and every handoff to a human clinician, with sufficient detail to enable post-hoc assessment of any decision.

The [academic framework for auditable clinical AI](https://pmc.ncbi.nlm.nih.gov/articles/PMC12913532/) published in 2026 proposes a tamper-evident audit logging mechanism that records the original query, patient data elements accessed (stored as cryptographic hashes for privacy), unique identifiers of retrieved evidence sources and the specific reasoning steps taken. This level of traceability isn't theoretical aspiration. It's what the Product Liability Directive will make discoverable in litigation.

Dr. Ed Lee, chief medical officer at Nabla, stressed the tiered governance imperative at [HIMSS26](https://www.healthcaredive.com/news/himss-2026-takeaways-ai-innovation-agents-cybersecurity-governance-interoperability/814812/):

:::cite{name="Dr. Ed Lee" title="Chief Medical Officer, Nabla" avatar="/images/experts/ed-lee.jpg" linkedin="https://linkedin.com/in/edlee-md-mph"}
Especially as we're talking and moving into things like agentic AI, where things are potentially happening in an autonomous way, there may be even further guardrails so that we don't do the wrong thing. We always have the patient's wellbeing in mind and safety and quality are of most importance.
:::

### 3. Human oversight with clinical accountability

The AI Act's Article 14 requires that humans can understand the system's output, override or reverse it and halt the system through a stop mechanism. In healthcare, this translates to a specific requirement: the clinician must retain clinical accountability for every decision, even when an AI agent contributed to the reasoning.

This creates a design constraint for healthcare agents. The agent must present its recommendations in a way that the clinician can critically evaluate, not just accept. Confidence intervals, flagged uncertainties and highlighted edge cases are not optional UX features; they're governance requirements.

The [Two Birds liability analysis](https://www.twobirds.com/en/insights/2025/liability-of-healthcare-ai-providers-in-the-eu-how-to-navigate-risks-in-a-shifting-regulatory-ecosys) notes that human-in-the-loop doesn't automatically shield the AI provider from liability. Manufacturers must foresee clinician errors (alarm fatigue, cognitive overload during high-workload shifts, misinterpretation of AI outputs) and design safeguards accordingly. An audit trail that shows the clinician "approved" the AI's recommendation doesn't protect the provider if the approval interface was designed in a way that discouraged critical review.

### 4. Continuous post-market monitoring

The AI Act's [Article 72](https://artificialintelligenceact.eu/article/72/) requires providers of high-risk AI systems to establish post-market monitoring that actively and systematically collects data on performance throughout the system's lifetime. For healthcare agents, this means monitoring not just technical performance (latency, error rates) but clinical performance: are the agent's recommendations accurate? Are they consistent across patient populations? Is performance degrading over time?

This is where traditional MLOps monitoring falls short. An agent's model-level metrics might be stable while its clinical recommendations drift, because the data environment changed, because a guideline was updated or because the patient population shifted. Healthcare agents require behavioral monitoring that tracks the quality of clinical outputs, not just the performance of underlying models.

The MDR adds a parallel requirement: post-market surveillance for any agent classified as a medical device. The surveillance must detect safety issues, track complaint trends and trigger corrective action when problems emerge.

### 5. Data governance across the EHDS

As the European Health Data Space comes into force, healthcare agents will increasingly access data through standardized APIs and cross-border exchange mechanisms. Every access must comply with GDPR principles, EHDS permit conditions and national health data laws.

The governance challenge is that EHDS creates new data flows that didn't exist before. An agent in a Danish hospital might access patient data from a Swedish EHR through the EHDS infrastructure. Who governs that agent's access? The Danish Health Data Access Body, the Swedish one, or both? The regulatory answer is still being worked out, but the governance infrastructure must be ready.

## The Nordic context: converging compliance, diverging timelines

The Nordics are uniquely positioned for healthcare AI governance, and uniquely exposed to its challenges. Nordic countries have the most digitized healthcare systems in Europe, the strongest public health data registries and the highest rates of AI adoption. They also face the most compressed compliance timeline.

[Twoday's analysis](https://www.twoday.com/blog/nordic-ai-governance-in-2026) maps the convergence: Denmark's NIS2 is already mandatory. Sweden's NIS2 entered force in January 2026, and uniquely among the Nordics, Sweden can impose fines on both public and private entities, and management may face prohibitions on holding management functions. Finland became the first Nordic country with active AI Act supervision in January 2026. Norway's AI Act implementation is expected in summer 2026.

<figure>
<a href="https://www.twoday.com/blog/nordic-ai-governance-in-2026" target="_blank" rel="noopener"><img src="/images/blog/twoday-nordic-ai-governance.png" alt="Twoday analysis: Nordic AI Governance in 2026" loading="lazy" decoding="async" /></a>
<figcaption>Nordic AI governance in 2026. Staggered NIS2 enforcement, converging compliance timelines | <a href="https://www.twoday.com/blog/nordic-ai-governance-in-2026" target="_blank" rel="noopener">Source</a></figcaption>
</figure>

The practical reality is that Nordic healthcare organizations need to comply with the AI Act, NIS2, GDPR and in many cases ISO 42001, all at once. Building four separate compliance programs is unsustainable. The organizations that will succeed are those building unified governance infrastructure: one agent registry, one risk classification framework, one audit trail, one certification workflow, covering all four frameworks simultaneously.

The FLORENCE project demonstrates what cross-border Nordic healthcare AI governance looks like in practice. This [three-year collaboration between Denmark, Norway and Sweden](https://florence.forskning.eu/en/nordic-strategy-and-action-plan/) developed federated learning infrastructure for colorectal cancer treatment using the OMOP data model. The project produced a joint Nordic strategy and national action plans, solving data harmonization, privacy-preserving computation and cross-border audit trail challenges along the way. It's a model for how clinical AI can be governed across jurisdictions, but it required deliberate governance architecture from the start.

AI Sweden's [healthcare initiative](https://www.ai.se/en/sector-initiatives-projects/healthcare), funded by Vinnova, mapped all AI initiatives across Swedish healthcare regions through its Vardkartan (Healthcare Map). The findings confirm what the governance gap implies: the majority of initiatives are in diagnostics and administration, but governance maturity varies dramatically across regions.

Fredrik Linden, founder of Hamling and contributor to the MyData Nordic Hub, captured the Nordic imperative in a [February 2026 analysis](https://mydata.org/2026/02/13/from-ai-hype-to-medical-practice-fixing-trust-and-reproducibility-in-nordic-healthcare-ai/):

:::cite{name="Fredrik Linden" title="Founder, Hamling; MyData Nordic Hub" avatar="/images/experts/fredrik-linden.jpg" linkedin="https://linkedin.com/in/fred-lind%C3%A9n"}
Healthcare AI is scaling faster than our ability to trust it. The Nordics can help set that standard globally, if we insist on governance that works where it matters most: from the point of care to the board room.
:::

His proposed Nordic trust model spans six layers (from machine-readable consent to evidence-based AI standards) built on existing Nordic infrastructure like Finland's Kanta and Sweden's 1177/NPO.

## How Roval implements healthcare agent governance

Roval is the enterprise system of record for AI agents, and the platform's architecture maps directly to the healthcare governance requirements described in this article.

**[Agent registry](/platform/agent-registry) with healthcare risk classification.** Every agent is registered with full identity, ownership and technical metadata. The [risk classification](/solutions/risk-classification) includes a data sensitivity dimension: agents accessing protected health information are automatically classified as Tier 3 (High) or above. Agents accessing health data through EHDS interfaces are flagged for cross-border governance requirements. The dependency graph maps agent connections to EHR systems, lab information systems and pharmacy platforms.

**Unified compliance certification.** Certify agents against GDPR, the EU AI Act and custom healthcare-specific frameworks (including MDR post-market surveillance requirements) from a single workflow. Per-requirement evidence tracking with document uploads, URL references and attestation text. Auto-expiry by risk tier: 90 days for Critical (clinical decision support, triage), 180 days for High (documentation, transcription), 365 days for Low (scheduling, administrative). One certification workflow satisfies multiple regulatory frameworks simultaneously, exactly the unified approach that Nordic compliance requirements demand.

**Immutable audit trail for litigation readiness.** Every agent action, data access, tool invocation and decision point recorded with actor, timestamp and before-and-after state. The trail is append-only, readable by governance and compliance teams but not modifiable by engineering teams. Exportable as CSV or JSON, filtered by agent, date range, action type or resource, ready for regulatory inquiry, audit or litigation discovery. This is Article 12 compliance and Product Liability Directive readiness in a single system.

**Continuous monitoring with clinical safety signals.** The Observer captures every tool call in real-time. The [LLM proxy](/platform/llm-monitoring) captures every prompt sent to LLM APIs with under 1ms of overhead. Policy rules evaluate [compliance](/platform/compliance) within 30 seconds. Drift detection runs every 15 minutes, catching certification expiry, configuration changes, model updates and owner departures. The circuit breaker auto-stops agents that exceed violation thresholds, the kill switch that Article 14 requires.

**Production gate enforcement.** Critical and high-risk healthcare agents cannot transition from staging to production without active, non-expired certification against all applicable frameworks. This is not a guideline. It's a hard technical block with an explanatory error. The gate ensures that no uncertified clinical agent reaches the systems where it can affect patient care.

:::cta{title="See Roval in action" description="Book a 15-minute walkthrough of the agent registry, compliance certification and LLM monitoring." cta="Book a demo" href="/demo"}
:::

## Sources and further reading

| Source | URL |
|---|---|
| EU AI Act, Annex III (High-Risk AI Systems) | https://artificialintelligenceact.eu/annex/3/ |
| EU AI Act, Article 6 (Classification Rules) | https://artificialintelligenceact.eu/article/6/ |
| EU AI Act, Article 12 (Record-Keeping) | https://artificialintelligenceact.eu/article/12/ |
| EU AI Act, Article 14 (Human Oversight) | https://artificialintelligenceact.eu/article/14/ |
| EU AI Act, Article 72 (Post-Market Monitoring) | https://artificialintelligenceact.eu/article/72/ |
| EU AI Act, Recital 58 (Emergency Triage) | https://artificialintelligenceact.eu/recital/58/ |
| European Health Data Space (EHDS) | https://health.ec.europa.eu/ehealth-digital-health-and-care/european-health-data-space-regulation-ehds_en |
| European Commission, AI in Healthcare | https://health.ec.europa.eu/ehealth-digital-health-and-care/artificial-intelligence-healthcare_en |
| EU MDR — SaMD Compliance Guide | https://mdxcro.com/samd-compliance-guide-mdr-ai-act/ |
| Two Birds, Liability of Healthcare AI Providers in the EU | https://www.twobirds.com/en/insights/2025/liability-of-healthcare-ai-providers-in-the-eu-how-to-navigate-risks-in-a-shifting-regulatory-ecosys |
| EIOPA, Opinion on AI Governance in Insurance | https://www.eiopa.europa.eu/eiopa-publishes-opinion-ai-governance-and-risk-management-2025-08-06_en |
| PMC, Navigating the EU AI Act for Healthcare | https://pmc.ncbi.nlm.nih.gov/articles/PMC11319791/ |
| PMC, Auditable Clinical AI Decision Support Framework | https://pmc.ncbi.nlm.nih.gov/articles/PMC12913532/ |
| ECRI, Top Health Technology Hazards 2025 | https://home.ecri.org/blogs/ecri-news/artificial-intelligence-tops-2025-health-technology-hazards-list |
| Gravitee, State of AI Agent Security 2026 | https://www.gravitee.io/blog/state-of-ai-agent-security-2026-report-when-adoption-outpaces-control |
| ARBOR, Exploring Critical Incidents of AI in Healthcare | https://arbor.bfh.ch/server/api/core/bitstreams/08ead439-8d38-440a-9e14-0729ab1215c3/content |
| Healthcare Dive, HIMSS26 Takeaways (March 2026) | https://www.healthcaredive.com/news/himss-2026-takeaways-ai-innovation-agents-cybersecurity-governance-interoperability/814812/ |
| Twoday, Nordic AI Governance in 2026 | https://www.twoday.com/blog/nordic-ai-governance-in-2026 |
| Fredrik Linden / MyData Nordic Hub, Healthcare AI Trust (Feb 2026) | https://mydata.org/2026/02/13/from-ai-hype-to-medical-practice-fixing-trust-and-reproducibility-in-nordic-healthcare-ai/ |
| FLORENCE Project, Nordic Strategy for AI in Cancer Treatment | https://florence.forskning.eu/en/nordic-strategy-and-action-plan/ |
| AI Sweden, Healthcare Initiative | https://www.ai.se/en/sector-initiatives-projects/healthcare |
| Karolinska Institutet, Centre for AI Innovation | https://ki.se/en/research/research-areas-centres-and-networks/research-centres/centre-for-ai-innovation |
| EDPS, Generative AI and Data Protection Orientations | https://www.edps.europa.eu/system/files/2025-10/25-10_28_revised_genai_orientations_en.pdf |
| TEF-Health, Testing Facility for Healthcare AI and Robotics | https://tefhealth.eu/as-a-whole |
| Forum Nordic, Nordic Life Science at a Crossroads (2026) | https://forumnordic.com/business/nordic-life-science-at-a-crossroads-denmark-accelerates-sweden-recalibrates-and-finland-holds-steady-as-eu-rewrites-the-rulebook/ |