Data protection
There is no specific AI law in the UK yet, however UK GDPR and the Data Protection Act 2018 apply in its use - AI procedures must be transparent and lawful. Individuals have a right to not have decisions based solely on automated processes if they significantly affect them. A ‘human-in-the-loop’ is therefore necessary to review, and over-ride AI generated outcomes, such as shortlisting job applicants.
Fairness and avoiding discrimination
AI can reduce unconscious bias but there is a risk of unfair and discriminatory decisions if systems are trained on non-inclusive data. Human interaction helps to comply with the Equality Act 2010 and ensure that groups are treated fairly.
Codes of practice should continue to be followed when using AI in HR procedures - to avoid potential increases in compensation at tribunal. These include the ACAS Code of Practice on Disciplinary and Grievance Procedures, as well as the Code of Practice on Dismissal and Re-engagement.
Clinical and ethical standards
Along with legal compliance consider how AI use will align with ethics and values, like quality of care and compassion. Follow regulatory requirements from relevant bodies such as the GMC, GDC or NMC when developing automated processes including workforce planning and decisions – which should continue to meet safe staffing levels and clinical standards.
Copyright risks
AI can potentially breach copyright or unintentionally plagiarising existing material. Ensure you have the right to use, modify, and distribute AI-generated content—robust plagiarism checks can help prevent copyright violations. Protect company data when using AI tools to safeguard intellectual property.
Additional resources
Take in our 90-minute webinar on AI Scribe, it's use and risk mitigation
MDDUS members can also register for our free 3-hour course at 9.30am on 22 August which looks at balancing the risks and opportunities using AI in GP practice.
We recommend:
- being transparent in how AI is used in the workplace and how decisions are made
- continuing to comply with data protection regulations
- having regular ‘human-in-the-loop’ reviews to identify and address any unintended biases
- carrying out plagiarism checks to verify AI-generated content
This page was correct at the time of publication. Any guidance is intended as general guidance for members only. If you are a member and need specific advice relating to your own circumstances, please contact one of our advisers.
Save this article
Save this article to a list of favourite articles which members can access in their account.
Save to library