Israel Medical Association’s New Ethics Rules for the Use of AI in Medicine – Implications for Healthtech Companies

On April 15, 2026, the Israel Medical Association’s Ethics Department published a position paper outlining guidelines for the use of artificial intelligence in the healthcare system. Although the position paper addresses physicians and medical institutions, in practice, it has significant implications for healthtech and medtech companies. Since medical institutions will be required to align their activities with these principles, it is reasonable to assume this will directly impact their demands on technology providers.

For companies developing AI-based medical systems, the IMA’s position paper is likely to have a significant practical impact on their design and development processes. In order to be approved by institutional ethics committees and procurement departments, companies should design systems from the outset (by design) in accordance with the new standards.

However, the IMA’s position paper does not just impose restrictions; it also offers business and legal opportunities that healthtech companies can leverage during their development, marketing, and market penetration processes.

IMA Principles for Implementing AI in the Healthcare System

• Human in the loop – The IMA stresses that AI is a decision-support tool and not a substitute for clinical judgment. On a practical level, AI-based systems must enable physicians to intervene, critique, and even override an algorithm’s recommendations, as well as provide infrastructure for documenting rationale in medical records whenever physicians reject an AI-based system’s conclusions and/or recommendations (especially in relation to professional standards). Beyond regulatory compliance, product design that empowers rather than replaces physicians lowers entry barriers, reduces on-the-ground resistance, and significantly accelerates adoption of the technology among medical teams.

• Transparency and explainability – The era of the “black box” is over. Physicians and patients must now understand how an algorithm reaches decisions, what information it was trained on, and what its limitations are. The IMA’s position paper imposes direct responsibility on developers to create mechanisms that enable systems to be “explainable” and subject to oversight, so that human users can receive clarification, question outputs, and even ignore algorithmic recommendations. Companies that succeed in designing  transparent user interfaces (UI/UX) that provide medical staff and patients with real control will enjoy a competitive advantage and will more easily pass ethics and procurement committee approvals.

• Privacy, medical confidentiality, and information security – The IMA’s position paper explicitly states that medical AI tools must operate under the highest standards of information security, encryption, and restricted access to data. In order to continue training AI models lawfully and comply with these requirements, companies must design a secure architecture from the outset and implement rigorous anonymization mechanisms. Compliance with these standards is a necessary prerequisite for passing medical institutions’ data security tests.

• Data quality and elimination of biases – The position paper clarifies that the quality of AI-based systems’ decision-making derives directly from the quality of the data, which requires fair representation of diverse populations in the information used to train AI. Since medical data tend to accumulate disproportionately in populations with better access to the healthcare system, biases in information may lead to erroneous and discriminatory recommendations.  The business and legal implication is that a biased algorithm currently constitutes a critical regulatory and commercial barrier. Meticulous legal, technological, and statistical documentation of data validation and monitoring processes will be a prerequisite for approval by institutional procurement committees, as well as a key asset in due diligence processes with investors and potential buyers.

• Patient autonomy and informed consent – The document draws a clear red line: the commercial use of patients’ medical data collected through AI systems is prohibited without informed consent. In addition, when the system has a material impact on clinical treatment, it is mandatory to inform the patient and obtain consent for the use of the AI system itself as an integral part of the informed consent for the treatment. Consequently, technology companies will need to develop alternative legal and commercial models with medical institutions to ensure lawful collection and use of patient data.

• Institutional preparations – Hospitals and HMOs must establish internal procedures for acquiring AI technologies, and the IMA also recommends appointing a dedicated medical ethics officer for the field. Companies that reach a sales process already equipped with a  compliance package will significantly shorten acquisition timelines.

Practical Recommendations for Healthtech Companies

The development of AI-based medical products requires far more than excellent technology. The IMA’s position clarifies that companies must incorporate privacy protection and ethics by design in their products to meet regulatory challenges. We recommend that relevant companies perform a gap analysis against the principles specified in the position paper and assess the scope of the changes they must make in product design, work processes, and communication interfaces with customers and end-users.

To turn the new regulatory requirements into competitive advantages, companies must first understand where they stand today. We recommend starting with a comprehensive mapping of all AI system development and implementation processes and conducting a gap analysis. This will enable early identification of legal and ethical exposures and the design of an organized “regulatory compliance package.” Such a package constitutes a major business asset, since it significantly shortens procurement processes within hospitals’ and HMOs’ medical ethics committees, and conveys to customers that the product is mature and ready for market.

After ascertaining the regulatory compliance gaps, companies should update their privacy protection and data security procedures, focusing on how they collect medical information and use it to train AI models. This is also the time to regulate intellectual property rights and ownership of information with medical institutions. Concurrently, companies should implement control measures ensuring that their systems operate safely, responsibly, and with oversight mechanisms. In the final analysis, updating regulatory compliance programs to include AI challenges is not merely a matter of ensuring legal protection. Regulated and documented preparations reduce regulatory exposures, enhance customer trust, and significantly increase the company’s value ahead of fundraising rounds or merger and acquisition transactions.

***

The firm’s Privacy, Cyber & AI Department provides strategic legal advice to companies developing AI technologies for the healthcare sector. We are at your service to counsel on the development and training stages of AI models and user interface design, as well as to provide commercial and regulatory guidance vis-a-vis healthcare institutions in Israel and abroad.

Dr. Avishay Klein is a partner and head of our Privacy, Cyber and AI Department.

Dr. Nadine Liv is an associate in the department.