Regulation and Compliance in Digital Health Innovations

Q1. In today’s digital-first healthcare world, how can regulatory bodies maintain a balance between rigorous compliance protocols and the need for rapid innovation, especially during public health emergencies or tech surges?

Lauren Harkins:

The challenge is to build regulatory systems that can flex under pressure without losing trust. Public health emergencies have shown it is possible to move quickly with exceptional authorisations or supported rapid access - embedding real world evidence models and time bound approvals can support innovation proceed safely. Looking ahead, regulators need to be ahead of the game, staying close to emerging and predicting future trends and setting clear expectations for new technologies early.

Q2. With AI models being adopted in diagnostics, triage, and monitoring, how can we design robust regulatory frameworks that ensure clinical safety and algorithmic fairness - while still enabling learning algorithms to evolve with real-world data?

Lauren Harkins: 

AI models need room to learn but not at the cost of trust and safety. The key is structure: set clear rules upfront, monitor performance in real time, and ensure transparency. Adaptive systems can still meet high standards for clinical safety and fairness. But AI is evolving fast. Recent comparisons of AI and clinicians solving complex diagnostic cases highlight that. We need regulation that is agile and forward-looking so it guides the market rather than constantly trying to catch up.

Philippe Gerwill: 

To regulate AI effectively, we need a quantum leap in mindset. Traditional frameworks are not designed for learning systems. Regulators must unlearn linear models and embrace evolving, real-world feedback loops. We need dynamic, ethically grounded frameworks that promote safety, equity, and agility, not delay. Co-designing with clinicians and patients will ensure fairness isn’t an afterthought but a foundational principle.

Q3. The idea of international regulatory harmonization is frequently discussed, but rarely implemented. What are the practical barriers you see in aligning digital health compliance standards globally, especially for cross-border AI, wearables, and mobile health apps?

Philippe Gerwill: 

The true barrier is not legal, it’s mental. We’re trying to standardize exponential innovation with analog-era thinking. Harmonization requires a new breed of regulator, fluent in data science, ethics, and cross-cultural agility. Let’s move beyond compliance silos toward interoperable, values-based frameworks that enable global trust in AI, wearables, and mobile health while respecting local realities.

Q4. Digital health tools are increasingly embedded into hospital systems. Are frontline healthcare providers and clinicians adequately trained to assess and respond to the digital safety risks that may arise? Should compliance education be a part of clinical training?

Lauren Harkins: 

We can’t keep treating digital as optional knowledge in healthcare so training that normalises this from the start is essential. Clinical teams need practical, real-world preparation in digital risk: what to look for and how to raise it. This is more than education; it’s about building a culture where digital safety is owned. As with medicines, patients look to clinicians for confidence and support with digital health tools and clinicians need to be equipped to meet that expectation.

Q5. The rise of AR/VR and metaverse applications in training, therapy, and rehabilitation raises new questions. How do regulators begin to frame compliance parameters for experiential, gamified, or immersive medical environments?

Philippe Gerwill 

Immersive tech can’t be governed with yesterday’s rulebooks. We need to reimagine evidence beyond clinical endpoints while integrating emotional impact, empathy, and patient engagement. Regulators must retrain, retool, and rethink their role in this new frontier. Only through multidisciplinary foresight and experimentation can we build credible guardrails for virtual care.

Q6. What role does digital ethics play in shaping future regulation? Do you believe ethical frameworks can co-evolve with compliance structures, or will ethics always remain a step ahead, challenging regulators to catch up?

Lauren Harkins: 

Ethics should lead regulation and shape policy, but we need to stop treating it as ‘thing over there’. In health, if fairness, transparency, and accountability are innately the way that we operate, aka ‘ethics by design’ then compliance becomes a byproduct of just doing the right thing with regulation not siting above that as a separate or higher threshold.

Philippe Gerwill: 

Ethics must no longer lag behind compliance, it must lead. But this demands unlearning traditional regulatory inertia and welcoming agile, participatory ethics boards as part of the ecosystem. We need an evolving moral compass that helps regulators anticipate dilemmas and fosters inclusive, cross-sector collaboration from the design stage onward.

Q7. Transparency in AI-based decision-making is key. How should healthcare systems ensure explainability of algorithms to patients and practitioners? And who is responsible - regulators, developers, or providers - when a black-box algorithm leads to a critical failure?

Lauren Harkins:

We can only progress at the speed of trust. Clinicians need confidence that AI augments their expertise so we need both transparent validation processes and accessible and tailored explanations for both clinicians and patients. Regulators need to provide the guardrails with proactive frameworks, developers must embed explainability and transparency and health organisations must be intelligent buyers and partners in development. 

Philippe Gerwill: 

The idea that explainability is a tech problem is outdated. It’s a human problem. Responsibility is collective: regulators must set clear mandates, developers must design for clarity, and providers must ensure meaningful oversight. Most of all, we must stop tolerating black-box care. Trust requires transparency, not just legally, but emotionally.

Q8. Is there a viable model for establishing “living compliance frameworks” that can evolve continuously, much like the technologies they’re designed to govern? Or will regulation always remain reactive to innovation?

Lauren Harkins:

I do think we can build living frameworks, moving away from blanket re-certification towards a proportionate, continuous assurance model that evolves alongside technology. But only if we are clear about the why and the boundaries and the likely increased resource burden on regulators globally. Not everything regulatory element can or should change constantly and so frameworks need to be designed to adapt intelligently based on risk, evidence and need.

Q9. Many digital health startups focus on speed-to-market, often bypassing deep regulatory knowledge. How can we create stronger bridges between tech innovators and compliance leaders, especially in the early product design stages?

Lauren Harkins

Too many startups still see regulation as something for later down the line once the product is built. We need to flip that. As with any regulated industry there is a requirement for those who wish to play in the space to follow regulation and to sensibly factor in and recognise the cost of market entry.   Yes, that means more support and accessible guidance but this responsibility doesn’t sit with regulators alone. Governments, health systems, academia, investors, and life sciences ecosystems all have a role in creating the conditions for responsible innovation.

Philippe Gerwill: 

Let’s replace the false binary of speed versus safety. The real challenge is mindset. Compliance must be embedded from day one, not as friction, but as a force for trust and scale. That requires a new skillset among both innovators and regulators and shared spaces like co-creation hubs, regulatory liaisons, and anticipatory design labs.

Q10. Sandbox models are emerging globally as testbeds for digital health innovation. How effective are these regulatory sandboxes in fostering trust between startups and authorities, and should they become a global best practice for innovation oversight?

Philippe Gerwill

Sandboxes are promising but only if they go beyond compliance checklists. We need living labs of trust, where regulators, developers, and patients co-experiment in real time. Let’s upgrade sandboxes into strategic foresight engines, cultivating not only safety but confidence in innovation. This could become a global norm if we dare to break the mold.

Q11. As digital diagnostics become more consumer-facing (e.g., at-home tests, app-based assessments), how should compliance and liability be managed when the end-user is not a trained clinician but a patient or caregiver?

Lauren Harkins:    

We want to keep people out of hospitals to do that we need to empower our patients and support them in a different way as we put more into their hands. Collectively, we need to rethink how we approach safety, accountability, and trust as we redesign these models of care. We need to communicate risk transparently and in plain language to patients and really stress test usability, accessibility, and comprehension with real patients, caregivers, and communities across a spectrum of health and digital literacy.

Philippe Gerwill:

When diagnostics reach patients directly, we need radical simplification and trust-building. This means not just readable instructions, but culturally adapted, digitally inclusive tools. Liability frameworks must evolve, but so must our expectations: informed citizens are not passive users, they are empowered participants. Regulation must unlearn paternalism and embrace shared accountability.

Q12. What are your views on the post-market surveillance of digital health tools? With real-time usage data available, should regulators shift toward a continuous oversight model rather than traditional re-certification cycles?

Lauren Harkins: 

Yes, regulatory models need to modernise to reflect the dynamic nature of digital health and post market surveillance is a core part of the continuous oversight model. Now and in the future, we need to ensure that healthcare organisations and patients are actively reporting in a way that isn’t seen as yellow carding a problem but ensuring any performance issues are caught early, unintended consequences are captured thus enabling companies to respond on a more real time basis to emerging evidence.

Q13. You’ve both emphasized human-centered design and patient empowerment. How can regulation encourage inclusive innovation that reflects the needs of diverse populations without becoming a bottleneck for developers?

Lauren Harkins: 

Inclusion is a conscious choice and if we want innovation to meet the needs of diverse populations, those needs and differences need to be well understood. I think regulators can help by setting expectations, whether that’s around representative data, accessible design, or who is involved in testing. The real challenge is making this truly part of the process and being clear on what is expected in terms of evidencing this. Again, buyers have a key role in this too.

Philippe Gerwill: 

Diversity must be built into the design and not patched in later. We need a new regulatory consciousness that values lived experience, not just technical validation. By requiring inclusivity metrics and co-design with underrepresented users, regulation can become a driver of equity. It’s time to relearn what evidence looks like.

Q14. What’s one policy-level shift or regulatory reform you believe is crucial today to prepare for the digital healthcare landscape of 2030?

Lauren Harkins: 

I talked earlier about future trends and how we need to be enabling markets. By 2030, next-gen wearables will be far further into the diagnostics space. I think healthcare organisations have found it tricky to navigate what can be done and how to make best use of clinically relevant, patient generated data. As device capability increases we need to be really clear and supportive in this space and ahead of the game.

Philippe Gerwill: 

We must take a quantum leap from reactive control to proactive enablement. That begins with creating agile, interdisciplinary foresight units inside every regulatory body. But more importantly, we need to rebuild trust through co-creation, inclusion, and transparent learning cycles. In the end, regulation isn’t just about risk but it’s about shared responsibility for the future.

Q15. Finally, if you could redesign a regulatory framework from scratch for digital health, what would be your top three principles?

Lauren Harkins: 

Equitable, accessible, and user-centric. However, I think there is a need now more than ever to bring redesign up a level to an ecosystem one and really bring together regulation with access and value whilst recognising the independent role regulatory authorities intentionally play. Ultimately, we all want to get the best products into the hands of patients that deliver value and improve outcomes. 

Philippe Gerwill:

1. Human-Centricity: Serve people, not processes.
2. Agility with Accountability: Build adaptive systems, with embedded safeguards.
3. Trust by Design: Design transparency, diversity, and ethics into every layer. Above all, we need regulators willing to think differently, to unlearn, relearn, and co-evolve with innovation.

On behalf of AmericanHHM Magazine, thank you to Lauren Harkins and Philippe Gerwill for sharing your insights on the challenges and opportunities in digital health regulation. Your perspectives help us better understand how to innovate responsibly in a rapidly evolving healthcare landscape.

Thank you to our audience for joining us in this important conversation.

--Issue 06--