AI Competence & Compliance

Use AI. Legally compliant. From day one.

The EU AI Act requires every medical practice that uses AI to take specific measures — from training requirements to data protection impact assessments. ClinicOS is the only practice management software provider that supports you with this. Free of charge.

What does the AI Act mean for me?

Free initial consultation

What the EU AI Act means for your practice

Since February 2025, new rules for the use of AI in the EU have applied. Every physician who uses AI-supported software — whether for documentation, telephony, or billing — becomes an operator within the meaning of the AI Act. That sounds abstract. The obligations are not.

In effect since February 2025

AI expertise for your practice team

Art. 4 of the AI Act: You must ensure that your entire team — doctors and medical assistants — has sufficient AI competence. That means documented training. There is no grace period.

Applies now (GDPR)

Data Protection Impact Assessment

Art. 35 GDPR: AI that processes health data generally requires a data protection impact assessment (DPIA). This applies to any practice that uses AI-supported documentation or telephony.

Applies from August 2026

Human oversight & record-keeping requirement

Art. 26 AI Act: AI-generated results must not be adopted without review. Documented processes are required — who checks what, and how is this evidenced.

These obligations apply regardless of which practice software you use. The difference: with ClinicOS, you do not have to handle it on your own.

WHAT OTHERS DO NOT DELIVER

What the EU AI Act means for your practice

The major PVS providers are investing in data protection and certifications for their own infrastructure — ISO 27001, German servers, encrypted connections. That is good. But the obligations that arise for you as the operator are left unmentioned. No DPIA template. No training for your practice team. No checklist for day-to-day practice.

You receive a product. And an FAQ. Those are not the same.

The CLINICOS Compliance Package

At ClinicOS, you get everything you need.

Every ClinicOS customer receives a complete compliance package — free of charge, from day one.

1 Free AI training in 3 stages

Online training program for your entire practice team — from the medical assistant to the practice owner. Three levels: Beginner (2h), Intermediate (4h), and Advanced (8h). Live sessions with our AI researchers. Includes a certificate of participation as compliance documentation under Article 4 of the AI Act.

2 Security Disclosures

A pre-filled Data Protection Impact Assessment, specifically for ClinicOS. It shows which data is processed, where the servers are located, and what protective measures are in place. You only need to add your practice-specific details — without an external data protection consultant.

3 Complaints

A clear guideline for everyday practice: which AI-generated results must be reviewed, by whom, and how this review is documented. Seamlessly integrated into your ClinicOS workflow.

4 Data Protection Inquiries

ClinicOS automatically stores system logs in compliance with legal requirements. Transparent documentation of when each AI function delivered which result — without any manual effort on your part.

Training Program in Detail

Free initial consultation

WHAT OTHERS DO NOT DELIVER

AI Competency Training: Three Levels. Free

Our training program meets the requirements of Article 4 of the EU AI Act. Developed by medical professionals and AI researchers — not by generic training providers.

Level 1 — Beginner

AI Fundamentals & Awareness

All staff & end users

2 hours | live online training + e-learning

What is AI? Terms, distinctions, everyday examples

How does AI work? Machine learning, LLMs, prompt logic

Opportunities & Risks: Hallucinations, Bias, Misinterpretation

Data Protection Basics: What Can I Enter? GDPR Relevance

EU AI Act Overview: Risk Categories and Obligations

Recognizing Deep Fakes & Disinformation

Completion: Certificate of attendance
Prerequisites: None

Level 2 — Intermediate

AI strategy & responsible use

Power users, practice managers, team leaders

4 hours (2 × 2h) | live online training + workshop

AI Act Deep Dive: Risk Classes, Obligations, Sanctions

GDPR & AI: Lawful bases for processing, DPIA

AI Governance: Roles, Responsibilities, Documentation

Developing an AI policy for your own practice

Risk assessment of AI tools

Ethics: Bias, Fairness, Transparency

Industry-specific: AI in healthcare & MDR

Completion: Certificate of participation + competency test
Prerequisites: Beginner certificate or equivalent

Level 3 — Advanced

AI Management & Compliance Ownership

AI decision-makers, managing directors, compliance

8 hours (2 × 4h) | Live online training + practical lab

AI Act: Complete list of obligations for providers & deployers

High-risk AI: conformity assessment, CE marking

AI management system in accordance with ISO/IEC 42001

Build an AI risk management framework

Technical AI safety: robustness, monitoring

Implementing Human Oversight: Levels of Automation, Escalation Logic

Practice Lab: Develop Your Own AI Training Concept

Qualification: Certificate of participation + project work
Prerequisites: Intermediate certificate or demonstrable AI experience

Lecturers

Legal content is created and reviewed in coordination with lawyers specializing in AI law. Regular updates are made in response to regulatory changes.

Dr. Sohrab Shojaei Khatouni

CEO & Chief Scientific Officer, NoscAi GmbH

Double doctorate in medical AI. Over 8 years of research at the Technical University of Hamburg and the University Medical Center Hamburg-Eppendorf. Physician, founder, and developer of ClinicOS.

Stefan Neumann, M.Sc.

Head of AI, NoscAi GmbH

Master of Science in Computer Science. 4+ years of AI research at TU Hamburg. Responsible for the AI architecture and development of ClinicOS.

Our AI documents. It does not make diagnoses.

Some providers let their AI independently suggest diagnostic codes. That may sound practical — but it comes with significant regulatory consequences. Systems that derive ICD-10 codes from the context of a conversation may be classified as medical devices — with mandatory certification and the full set of obligations for high-risk AI.

ClinicOS deliberately takes a different approach: our AI transcribes, structures, and documents—based on what you, as the physician, say and decide. Diagnostic control remains entirely with you.

This is not a technical limitation. It is a deliberate decision — for your legal protection.

Use AI. Know your obligations. Be secure and well prepared.

With ClinicOS, you don’t just get the most advanced AI practice software — you also get the confidence to use it in full compliance with legal requirements. From day one.