Accepted for/Published in: Journal of Medical Internet Research
Date Submitted: Jul 24, 2025
Date Accepted: Sep 24, 2025
Date Submitted to PubMed: Sep 24, 2025
Warning: This is an author submission that is not peer-reviewed or edited. Preprints - unless they show as "accepted" - should not be relied on to guide clinical practice or health-related behavior and should not be reported in news media as established information.
AI Act Compliance within the MyHealth@EU Framework: A Tutorial
ABSTRACT
Background:
The integration of AI within clinical workflows is anticipated even prior to achieving full compliance with the MyHealth@EU framework. Myriad use cases have been presented internationally and garnered media attention. AI-based Clinical Decision Support Systems (CDSS) are automatically classified as high-risk under the EU AI Act, while cross-border data sharing in Europe must satisfy the MyHealth@EU interoperability rules. Development teams will inevitably face a dual-compliance challenge: vertical safety and ethics controls mandated by the AI Act, and horizontal semantic-transport requirements enforced through OpenNCP software’s gateways, some of which are yet to be brought to production readiness.
Objective:
The aim of the paper is to provide a practical, phase-oriented tutorial that enables developers and providers to embed AI Act controls prior to approaching the MyHealth@EU interoperability tests. The goal is to enable the inclusion of AI-specific tags in the HL7 CDA and HL7 FHIR messages without compromising the standard structure, while ensuring trustworthiness in the AI-aided clinical decision.
Methods:
We systematically analysed Regulation (EU) 2024/1689 (henceforth “AI Act”) and the MyHealth@EU/OpenNCP technical specifications, cross-referencing official guidance and semantic assets to extract a harmonised set of overlapping compliance obligations.
Results:
The mandated duties within the AI Act’s transparency, provenance, and robustness provisions are precisely overlaid onto the existing MyHealth@EU workflow. These define where any outgoing clinical message must record AI involvement, log the provenance of this involvement, and trigger validation of the information. A lean extension set adds AI contribution status, rationale, risk class, and an Annex IV (AI Act) link while remaining schema compliant. A phase-based checklist then threads every high-risk AI control, giving developers one path to simultaneous AI Act and MyHealth@EU alignment.
Conclusions:
AI-enabled clinical software succeeds only when AI Act safeguards and MyHealth@EU interoperability rules are engineered together from ‘day zero’. The proposed checklist and lightweight CDA/FHIR extensions let developers embed, test, and prove high-risk AI compliance while injecting the necessary AI metadata directly into standard messages. This integrated blueprint cuts duplication of effort and delivers clinically trustworthy, AI-annotated reports that flow safely and instantly across national borders.
Clinical Trial: N/A
Copyright
© The authors. All rights reserved. This is a privileged document currently under peer-review/community review (or an accepted/rejected manuscript). Authors have provided JMIR Publications with an exclusive license to publish this preprint on its website for review and ahead-of-print citation purposes only. While the final peer-reviewed paper may be licensed under a CC BY license on publication, at this stage authors and publisher expressly prohibit redistribution of this draft paper other than for review purposes.