The UK wants to build the "most AI-enabled healthcare system in the world." That ambition is noble. The problem is that the regulations meant to keep that AI safe and effective are, by the industry's own assessment, fundamentally broken.
A new report from the MHRA's National Commission on the Regulation of AI in Healthcare — based on responses from 761 stakeholders including NHS bodies, industry, academia, and patient groups — delivers a damning verdict on the current framework. Seven in ten respondents disagreed or strongly disagreed that existing regulations are sufficient on safety and performance standards. Six in ten said the same about data privacy and governance. More than half want either substantial revision or a complete overhaul.
This isn't nitpicking. These are the people actually building, deploying, and working with AI systems in clinical settings saying the rules don't work.
What's Wrong With The Current Setup
Right now, AI in UK healthcare falls under the medical device regulation (MDR). That means AI-powered diagnostic tools, clinical decision support systems, and predictive algorithms get lumped in with hardware medical devices. The problem is that software doesn't behave like a pacemaker. An AI model can drift, learn, and change behaviour in ways a physical device simply cannot.










