What is the European AI Act? The European AI Act is a groundbreaking proposal from the European Union aimed at comprehensively regulating the use of Artificial Intelligence (AI)[i]. Enacted with the goal of promoting both innovation and safety, the Act defines strict regulations for the use of AI systems across various sectors. It categorizes AI applications into four risk levels – minimal, limited, high and unacceptable – and provides specific requirements and obligations for each level. These range from transparency obligations and human-centered oversight to stringent bans on particularly high-risk applications. The European AI Act aims to ensure that AI technologies in the EU are used safely, transparently, and in accordance with European values and rights.
Relevance and Challenges for the Pharma and Life Sciences Sector The life sciences sector is particularly affected by the regulations of the European AI Act, given the increasing emphasis on AI capabilities. From drug research and clinical trials to personalized medicine and health monitoring, AI applications offer immense potential for increasing efficiency and innovation[ii]. The industry will therefore need to navigate the use of AI with the requirements laid out in the Act. For example, the risk categorization of AI systems requires thorough analysis and traceability of the algorithms used. Additionally, data sources must be transparently disclosed, and measures to prevent discrimination and ensure data integrity are necessary. These requirements could lead to significant changes in workflows and development processes, which would add a layer of complexity.
How Can Data Governance Help Address These Challenges? In our opinion, robust data governance is key to successfully managing the challenges posed by the European AI Act in the pharma and life sciences sector. Data governance encompasses the management, use, and control of data within a company, ensuring that this data is reliable, secure, and accessible[iii]. Effective data governance is divided into 10 knowledge areas, including data quality, data architecture, data modeling, data integration, and data [iv]. By systematically addressing these areas, companies can ensure that their data complies with the requirements of the AI Act. For example, data quality can help to safeguard the integrity and accuracy of data, which is essential for developing trustworthy AI models. Data architecture and integration help to ensure that data from different sources can be correctly combined and used consistently. Measures in data security and management protect sensitive information and achieve compliance with legal requirements; clear data sharing agreements, often overlooked, are essential.
A solid data governance framework based on the DAMA model (Data Management Association) enables companies to design their AI systems in a transparent, traceable, and secure manner[v]. This reduces the risk of regulatory violations while also fostering innovation by providing a solid data foundation for the development of advanced AI solutions. For the life sciences sector, this means not only compliance with legal requirements but also optimized use of data resources for sustainable success and progress.
Compliance with the European AI Act is both a challenge and an opportunity for the life sciences sector. With effective data governance, companies can meet regulatory requirements while opening the door to innovation. The consistent application of these principles gives greater assurance that AI technology will be used safely, ethically, and efficiently, which ultimately promotes not only compliance with regulations but also success in a competitive market environment.
Cencora PharmaLex – Expertise in Data Governance Our team (formerly Osthus) has extensive experience in data governance and has collaborated with numerous global players in the pharma and life sciences sector in the past.
About the Author: Dr. Till Popkes-van Oepen is a Data Governance Consultant. He has experience in pharmacology and clinical research. He currently works at PharmaLex and is involved in the strategic planning and implementation efforts of Data Governance projects.
[1] Shaping Europe’s digital future, AI Act, European Commission. https://digital-strategy.ec.europa.eu/en/policies/regulatory-framework-ai
[2] AI In Pharmaceuticals Promises Innovation, Speed, And Savings, Ihsane Mesrar, S&P Global. https://www.spglobal.com/ratings/en/research/articles/241001-ai-in-pharmaceuticals-promises-innovation-speed-and-savings-13254002
[3] Data Governance Act explained, European Commission. https://digital-strategy.ec.europa.eu/en/policies/data-governance-act-explained
[4] DAMA International. (2017). The DAMA guide to the data management body of knowledge (DAMA-DMBOK): 2nd edition. Technical Publications.
[5] The Global Data Management Community, DAMA International. https://www.dama.org/cpages/body-of-knowledge
