Skip to main content

Documentation Index

Fetch the complete documentation index at: https://playbook.pharmatools.ai/llms.txt

Use this file to discover all available pages before exploring further.

Core principle

AI regulation is no longer optional or aspirational. It is an emerging compliance layer sitting on top of the existing GxP, MLR, and journal-disclosure expectations medical writers already work within. The practical question for any AI tool you use is: which regulatory tier does it sit in, and what obligations does that create? This page is informational, not legal advice. For specific compliance decisions affecting submissions, promotional content, or regulated workflows, escalate to your organisation’s regulatory affairs and legal teams.

Why this matters now

The EU AI Act is the most far-reaching AI regulation currently in force. Adopted in 2024, it began phasing into effect from February 2025 and will be largely operational by August 2026, with high-risk AI provisions following in August 2027. It applies extraterritorially. EU-based pharma operations are obviously in scope, but so is any AI-assisted output that reaches EU patients, EU healthcare professionals, or EU regulatory submissions — which covers most globally distributed pharma communications. The standards the EU AI Act establishes are also increasingly being mirrored by other regulators (FDA, MHRA, EMA), so even non-EU-bound work tends to converge on the same expectations within 12–24 months.

The EU AI Act tier system

The Act categorises AI by the risk it poses, with corresponding obligations:
TierDefinitionTypical examples in medical writing
ProhibitedUses banned outright (manipulation, social scoring, real-time biometric ID)Generally not applicable to medical writing
High-riskAI used in safety-critical decisions or as a medical deviceAI in clinical decision support, pharmacovigilance signal triage, AI medical devices
Limited-riskAI subject to transparency obligationsMost medical writing AI sits here — drafting, summarising, translating, generating content
Minimal-riskRoutine AI with no specific Act obligationsSpell-check, basic search, grammar correction
For medical writers, the practical takeaway is that almost all generative AI used in writing workflows falls under limited-risk transparency obligations, not high-risk obligations. But the boundary is real, and it matters: as soon as AI is making or directly informing a clinical or safety decision, it crosses into high-risk territory and a different compliance regime applies.

Transparency obligations (Article 50)

Limited-risk AI carries specific transparency duties that affect day-to-day medical writing:
  • Users must know they’re interacting with AI — relevant for any chatbot or interactive AI tool deployed to HCPs or patients
  • AI-generated content must be labelled — text, images, audio, and video produced or substantially modified by AI must be marked as such, unless it has undergone meaningful human review and editorial responsibility
  • Synthetic content must be detectable — providers of generative AI are obliged to make output technically detectable as AI-generated
This aligns closely with Declaring AI Use. If you are already complying with ICMJE-style journal disclosure expectations, you are most of the way to Article 50 compliance for your written outputs. The EU AI Act formalises what good practice already required.

What “high-risk” looks like in medical writing contexts

Most generative AI used in writing workflows is not high-risk under the Act. But several adjacent uses are, and writers should be alert to them:
  • AI used in adverse-event triaging or pharmacovigilance signal detection — even if a writer is summarising the output, the upstream AI is high-risk
  • AI components in software-as-a-medical-device (SaMD) — content generated to support these systems carries higher documentation expectations
  • AI used in patient-facing decision support — including chatbots that triage symptoms or provide treatment guidance
  • AI in regulatory decisions on benefit-risk — generally human-decided, but AI inputs to these decisions are scrutinised
If any of your work touches these categories, treat the compliance bar as substantially higher and involve regulatory affairs early.

Foundation model obligations

The Act distinguishes between AI systems (downstream applications) and general-purpose AI models (the foundation models like Claude, GPT, Gemini that underlie most AI tools). Providers of general-purpose models carry their own obligations, including:
  • Technical documentation and training-data summaries
  • Compliance with EU copyright law
  • For models with “systemic risk” (the most capable frontier models), additional safety, evaluation, and incident-reporting obligations
For medical writers, the practical implication is that the AI tool you choose carries its own compliance status, and that status flows through to your work. When evaluating a tool, ask:
  • Which underlying model does it use?
  • Has the provider published the documentation required under the Act?
  • Does the provider’s data-handling meet your sponsor’s and the Act’s requirements?

Implementation timeline (mid-2026 status)

DateStatus
August 2024EU AI Act in force
February 2025Prohibited AI uses banned
August 2025Foundation model provider obligations apply
August 2026Most general obligations (transparency, governance) apply
August 2027High-risk AI obligations fully apply
By the time you read this, transparency and governance obligations are either in force or imminent. High-risk obligations are still in their compliance window, which is why guidance is still evolving for SaMD-adjacent uses.

Other regulatory frameworks

The EU AI Act is the most concrete, but it does not stand alone. Medical writers working in regulated communications should be aware of:
BodyFrameworkStatus
FDA (US)AI/ML-enabled medical device guidance; Good Machine Learning Practice (GMLP) frameworkEvolving; final framework expected through 2026–27
EMA (EU)Reflection paper on AI in the medicinal product lifecyclePublished 2024; multi-annual workplan in implementation
MHRA (UK)AI Airlock; AI as a Medical Device programmeActive sandbox programme; guidance evolving
WHOEthics and governance of AI for healthGlobal ethical guidance, not regulation
PMDA (Japan), NMPA (China)Country-specific AI/SaMD guidanceIncreasingly active
These don’t replace the EU AI Act for EU-bound work; they layer on top, and they tend to converge on similar standards (transparency, accountability, validation, post-market surveillance).

Practical assessment for your team

For every AI tool in your medical writing workflow, identify which Act tier it falls into. Most will be limited-risk (transparency obligations). Flag any that touch high-risk territory (clinical decisions, pharmacovigilance, medical devices) for regulatory review.
The audit-trail expectations in Review and Accountability cover most of what regulators will look for. Build the habit during the work, not when a compliance question arrives.
Ask your AI tool providers for their EU AI Act compliance documentation. Reputable providers (foundation model vendors and downstream tool builders) are publishing this now. Absence of documentation is a flag.
Existing pharma SOPs covering editorial assistance, third-party services, and content production should be reviewed to confirm they cover AI use specifically — labelling, disclosure, documentation, and tool vetting.
Article 50 transparency obligations mean AI-generated content reaching the public must be labelled. This is now a compliance issue, not just a best practice. Train writers, editors, and reviewers on the labelling expectations for each deliverable type.

Common mistakes

The Act applies to any AI-assisted output that affects people in the EU. Globally distributed pharma materials, EU clinical trial documentation, EU regulatory submissions, and EU-distributed promotional content all bring work into scope, regardless of where the writer or sponsor sits.
The Act’s obligations are continuous (documentation, post-market monitoring, incident reporting for high-risk uses). One-time gap analyses are not enough; compliance is operational.
Even minimal-risk AI use can trigger transparency obligations under Article 50 if the AI is generating content for external audiences. The tier determines the kind of obligation, not whether obligations exist.
Your AI tool provider’s compliance status is part of your compliance position. Choosing tools without verifying provider obligations leaves a gap in your audit trail.
AI use questions on regulated submissions should be raised with regulatory affairs and legal at the project-planning stage, not at submission. Late escalation is the most common reason AI-assisted regulatory work gets reworked.

How this connects to other playbook principles

  • Declaring AI Use: Article 50 transparency obligations align directly with journal disclosure expectations. Building good disclosure practice covers most of the Act’s content-labelling requirements.
  • Review and Accountability: The audit-trail and named-reviewer expectations are the documentation foundation regulators look for.
  • Source Grounding: The Act doesn’t replace evidence-based requirements. Both apply.
  • Risk Levels: The playbook’s internal risk tiers and the EU AI Act’s tiers are different frameworks but complementary — the playbook tier tells you how to review, the Act tier tells you what regulators expect.

The bottom line

The EU AI Act has shifted AI compliance from “best practice” to “legal obligation” for any medical writing reaching the EU. Most generative writing AI sits in the limited-risk tier — meaning transparency, labelling, and documentation, not heavy validation. But the boundary with high-risk uses is real, and the implementation timeline is short. Build the habits now: label AI-generated content, document use contemporaneously, vet provider compliance, and escalate ambiguous cases to regulatory affairs early.
Last reviewed: 4 May 2026 · 8 min read