An AI policy from Rotherham, Doncaster and South Humber NHS Foundation Trust has outlined its acceptable uses, practical guidance, and responsibility for the use of AI tools and systems.
“The trust is committed to fostering a culture of innovation across all levels of the organisation, encouraging staff to explore new ideas, challenge conventional practices, and embrace creative solutions that enhance patient care, operational efficiency, and workforce wellbeing,” Rotherham, Doncaster and South Humber states. “As part of this commitment, we actively support the responsible exploration and integration of emerging technologies, including artificial intelligence.”
In terms of scope, the policy is applicable to all those working for the trust in any capacity, incorporating suppliers and third parties, and to all departments or services using AI irrespective of scale or scope. Lead responsibility is assigned to key roles including the chief executive, data protection officer, senior information risk owner, and clinical safety officer for ensuring policies and procedures support best practice, overseeing compliance with data protection regulations and data privacy, risk management, oversight, and monitoring.
Recognising the potential value of generative AI, the trust outlines the importance of clearly defining purpose and use, and checking the legal basis for the use of person-identifiable data or anonymising data. This is applicable also for data used in testing AI systems, it goes on, “even if there is no outcome or decision for an individual”. Publicly available AI tools may be used as a supportive tool, it states, but should not be used in making clinical decisions, processing identifiable data, or “replacing professional judgement”.
ChatGPT and other freely-available tools “must not be used to process patient-identifiable information, confidential or business sensitive data, or make clinical decisions”, according to RDaSH. “Users are responsible for verifying outputs and ensuring that any content generated is appropriate, accurate, and compliant with relevant governance standards.” Trust approved alternatives such as Microsoft Teams Recording and Transcribing, Intelligent Recap, and Copilot Chat can be used from its secure network for similar functions, it adds. The clinician retains full responsibility for all aspects of diagnosis, treatment, and patient care, and where AI is used during consultations for recording patient information, patients should be fully informed and should have offered explicit consent.
On procurement and implementation for products or systems containing AI features, RDaSH sets out the need to engage with IT and information governance teams, complete a DPIA with engagement from the supplier where identifiable data is to be used or a new system is to be procured, and gain approval from the Health Research Authority for use of AI in research. Outputs must always be subject to human review, and transparency should be ensured for patients and employees.
All employees are trained in data security and awareness as part of the trust’s induction programme, RDaSH shares, which is delivered via e-learning and refreshed annually. Ongoing monitoring will be undertaken on policy content by the director of health informatics and reported to the digital transformation group “annually or as required”, with the chief executive reporting to the board of directors as part of the finance, digital and estates committee report at regular board meetings.
Practical guidance for clinicians covers the need to validate outputs against clinical evidence and patient context, to document decisions and rationale clearly in patient records, and to report any safety concerns or adverse incidents involving AI tools.
Wider trend: Health AI regulation and governance
HTN was joined for a deep dive into AI strategy, implementation, adoption, and opportunities by Neill Crump, group associate director of innovation & partnerships at The Dudley Group and Sandwell and West Birmingham, and Pip Hodgson, group digital transformation specialist at University Hospitals of Leicester and Northamptonshire. Our panel discussed their organisation’s approaches to AI and AI strategy, best practices in AI strategy development, Ambient Voice Technology and successful implementation, and the opportunities likely to be ahead with the next wave of AI.
A separate HTN Now webinar saw an expert panel discuss AI in primary care, covering successes and challenges with implementing AI in primary care, governance, adoption, and other practical learnings. Katie Baker, Director UK & Ireland of Tandem Health; Mateen Ellahi, GP and member of NHSE primary care advisory group, South Stockton PCN, Elm Tree Surgery; and Paul Miller, head of IT at Nottingham and Nottinghamshire ICB made up our panel.
The National Commission into the Regulation of AI in Healthcare has offered early insight into outcomes from a call for evidence attracting more than 770 responses, indicating strong support for regulatory reform and the need for further development in areas such as post-market surveillance and ongoing monitoring. Henrietta Hughes, patient safety commissioner and deputy chair of the commission, presented the findings, suggesting the response to the open call for evidence demonstrates “how strongly patients and the public want to be included as partners in the regulation of AI in healthcare”. The overarching message is clear, Hughes went on: trust is central, extending to the technologies themselves, their use, and how they are governed.
