At GE HealthCare, we believe AI should serve people, support clinicians, respect human dignity, and operate with appropriate human oversight. This is more than a belief — it’s reflected in how we approach the design of our AI-powered offerings.
Our approach to Responsible AI is grounded in the full AI lifecycle, from early design and development through deployment, monitoring, and continuous improvement. Our Responsible AI Principles guide our work and help support innovation through governance practices, structured validation, privacy and security safeguards, and alignment with recognized standards and assurance practices.
Trust built over 125 years
At GE HealthCare, we’ve been developing medical devices, patient care solutions, and pharmaceutical services with a rich 125-year history of innovation. Across an install base of more than 4 million units worldwide — from X-ray and PET to Ultrasound and ECG — more than 1 billion patients annually are supported by GE HealthCare’s portfolio of solutions designed to generate data and insights that are important to supporting clinical care delivery.
This trust that has been built carefully over time is extremely important to us. That’s why we believe healthcare technology should be evaluated by more than a set of technical capabilities. We expect that healthcare technologies are designed to perform reliably in real clinical and operational settings, support appropriate use, and support expectations for privacy, security, accountability, and appropriate risk management. As AI becomes more capable and more widely embedded across healthcare, these expectations become even more important.
That is why, at GE HealthCare, we have developed an operating model to help support the development and deployment of technologies grounded in our principles for Responsible AI. Our model is anchored in a governance framework that is operationalized through three key dimensions: quality and validation, privacy and security, and recognitions and certifications.
Governance framework
Responsible AI is grounded in clear governance. AI systems require structured oversight because their impact depends on the context in which they are developed, deployed, and used. This context becomes especially important in healthcare, where context can include a diverse variety of factors like clinical workflows, patient populations, data environments, regulatory expectations, and the role of the clinician or user.
Our governance framework is designed to bring together cross-functional perspectives to support responsible development, review, escalation, and deployment. This includes input from teams with expertise in product development, clinical practice, quality, regulatory affairs, privacy, security, legal, and risk management.
These constituents are intended to help create pathways that enable key governance mechanisms: define ownership, clarify escalation pathways, establish review checkpoints across the lifecycle, and support alignment of AI systems with their intended use.
The development of mechanisms related to governance also supports consistency. As AI use cases expand, teams need a common way to assess risks, document decisions, and determine whether appropriate controls are in place. A structured governance framework is intended to support evaluation of AI systems not only for what they can do, but for how they should be used, who they are intended to support, and what safeguards are required.
Quality and validation
A key dimension of our governance framework is rigorous quality and validation practices. In healthcare, an AI system should be evaluated against the conditions in which it is intended to operate. Performance in a development environment alone is not sufficient. Systems should be assessed for reliability, consistency, clinical relevance, and behavior in context.
Structured validation is intended to assess whether an AI system performs within defined expectations across diverse users and patient populations. The goal is to employ AI systems designed to consistently produce accurate, dependable, and high-quality outputs, by validating performance through appropriate testing, evaluation and verification activities.
Validation should also be aligned to the intended use of the AI system. An AI system designed to support image interpretation, for example, may may require different evaluation methods, safeguards, and performance expectations than one designed to support documentation or workflow efficiency. The clinical or operational context matters because it helps define the risks, user needs, and evidence needed to support appropriate and responsible use.
This work is important because quality and validation practices are intended to support reliability across intended use cases and help inform appropriate use. Responsible development requires understanding where a system performs well, where it might have limitations, and how users should use its outputs. That information should be documented clearly to support appropriate use of AI systems.
Alongside these practices, we promote explainability and interpretability to help users understand how AI systems generate outputs and recommendations. We seek to provide meaningful insights into system behavior to support trust, informed decision-making, and appropriate human oversight.
Privacy and security
Our governance framework also encompasses privacy and security as foundational elements. AI systems often depend on complex data flows, connected infrastructure, and digital environments where trust is essential. Safeguards should be built into the lifecycle from the start, not added only at the end.
Our approach is designed to incorporate privacy-conscious design choices, security and resiliency controls, and risk-informed operational practices. These safeguards are intended to support protection of data, systems, and users across healthcare environments.
Privacy-enhanced development supports responsible data use and is intended to support protection of human autonomy, identity, and dignity. This includes considering what data is used, how it is handled, who has access, and how privacy protections are maintained throughout the lifecycle.
Security and resiliency are equally important. AI systems are designed with controls intended to support confidentiality, integrity, and availability, including in the face of unexpected events, unauthorized access, adversarial activity, or changes in the operating environment.
As AI becomes more integrated into healthcare workflows, security should be considered across the full lifecycle in light of emerging threats. That includes the model, data pipeline, application layer, user interface, deployment environment, and operational controls. A responsible approach looks across these layers and applies controls based on the risks of the specific use case.
Recognitions and certifications
Our governance framework is further supported by external standards, recognitions, certifications, and assurance activities. They can provide structure, consistency, and transparency around how organizations manage quality, privacy, security, risk, and governance.
For Responsible AI, these recognitions should be understood as part of a broader operating model. They may help demonstrate that relevant frameworks and controls are being applied, that processes are documented, and that practices are subject to review.
Certifications and frameworks may relate to areas such as quality management, information security, privacy, risk management, software development, or AI governance. Their value depends on scope, relevance, and how they are integrated into day-to-day development and deployment practices.
Importantly, certifications and recognitions can help demonstrate organizational maturity, but they do not replace continued governance, validation, monitoring, and improvement.
Bringing it all together
Together, these dimensions of our governance framework provide a practical foundation for Responsible AI.
Our governance framework supports clear ownership, oversight, escalation, and alignment to intended use. Quality and validation support evaluation of whether AI systems perform reliably, consistently, and appropriately within the context of their intended use. Privacy and security safeguards are intended to support protection of data, systems, users, and trust. Recognitions and certifications may help demonstrate alignment with relevant standards, frameworks, and assurance practices.
This lifecycle approach is intended to operationalize Responsible AI principles in practice. It supports innovation while building on the longstanding relationships and history of innovation developed over more than 125 years.
