AI RISK PROFILER FOR DEVELOPERS

Find out exactly which AI risks your health product carries and what to do about them

Submit your product and get back a clear risk profile — which AI risks are active, how serious each is in your clinical context, and exactly where the gaps are. So you can close them before a buyer, auditor, or regulator finds them first.

Apply for Alpha access

Informed by an international advisory group with representatives from...

WHAT IS IT

You submit information about the AI in your product. The AI Risk Profiler generates a report you can actually use.

The AI Risk Profiler produces a structured risk profile for every AI feature in your product - the kind of document that answers the questions health system procurement teams and EU AI Act auditors are asking. Here's what the process looks like.

You complete the structured AI questionnaire (~100 questions covering technique, function, architecture, and governance)

You upload supporting documentation (clinical risk management docs, model cards, safety assessments)

The AI Risk Profiler applies the six-step methodology to each AI feature

You instantly receive a structured AI Risk Profile report - risks, mitigations, gaps, regulatory alignment

Website 540x405 app developer supplier 2

WHAT YOU GET

An automated, instant AI Risk Profile report

The report isn't a pass or fail. It shows which of the 10 'canonical' (standardised) AI risks are active, how severe each is given your clinical context, what you have in place to mitigate them, and where the gaps are.

What you can then do with the profile:

Hand it to the health system asking for AI risk documentation — they get a structured, third-party assessed profile

Include it in your EU AI Act Article 9 risk management system documentation

Use the gap analysis to prioritise where your engineering and governance teams focus next

An add-on to the ORCHA Assured certification

ORCHA Assured covers clinical safety, privacy, security, usability - broad assurance across any digital health product.

The AI Risk Profiler goes deeper into the AI-specific layer: the inference technique, the computational function, which of 10 standard risks those activate, and where the mitigations are absent. You can have an ORCHA Assured product that still carries unmitigated AI risks. The AI Risk Profiler is what finds them.

WHY THIS MATTERS NOW

The legal risk in health AI is already here

The EU AI Act has classified most clinical AI as high-risk, with mandatory documentation obligations live now. In the US, federal regulation is still developing — but the courts aren't waiting.

In the EU, non-compliance with the AI Act's high-risk obligations carries penalties of up to €30 million or 6% of global annual turnover. In the UK, DCB0129 clinical risk management obligations apply to every deploying organisation. In the US, the first cases are already in court. Disclaimers are not a defence.

€30m

maximum EU AI Act penalty

Or 6%

of global turnover

How the Health AI Risk Profiler works

You complete the questionnaire

A structured set of questions covering the product's AI features - what they do, how they work, what clinical context they operate in, and what governance and architecture controls are already in place.

The tool applies the six-step framework

The tool applies the AI Risk Profile methodology to every AI feature in the product. Each feature is assessed separately - clinical risk severity, computational function, inference technique, which of the 10 standard risks are activated, and what's actually mitigating them.

A structured AI risk profile report is generated

A clear, evidence-based output showing which risks are active in the product, how severe each is given the clinical context, where mitigations are working, and where the gaps are.

THE METHODOLOGY

You get a complete picture of every AI risk in a product and exactly what to do about it.

Each AI feature is assessed separately. By the end, you know which risks are active, how severe they are, what's mitigating them, and where the gaps are.

Clinical Context — Clinical Risk Severity

The risk profile is anchored in what's actually at stake — who receives the AI output and what happens if it's wrong. A wellness chatbot and a clinical decision tool get very different profiles. That distinction matters, and it's built in from the start.

Computational Function

A product with multiple AI features gets each one assessed separately. You don't get a single blended risk score that obscures where the real problems are - you get a clear picture of each feature individually.

Inference Technique and Model Architecture

How the AI works determines which risks it carries. Suppliers declare this through a structured questionnaire. If the declaration is incomplete or withheld, that's flagged — because opacity in documentation is a risk in itself.

Risk Activation

You find out which of 10 defined AI risks are active in this product — and how serious each one is given the clinical stakes. Where two factors both trigger the same risk, you're told it's amplified. No guessing about what matters most.

Structural and Governance Mitigations

You see what's actually reducing the risk — in the product architecture, and in the governance programme. Assessed separately, so you can tell whether a product is genuinely safe or just well-documented.

Gap Analysis — Residual Risk

You leave knowing exactly where the unmitigated risks are and what they mean clinically. Not a pass or fail — a clear evidence base for making the decision in front of you, whether that's procurement, deployment, or regulatory submission.

THE EVIDENCE BASE

Built on a foundation with AI and digital health experts

The AI Risk Profiler framework has been validated against 20+ AI feature assessments across real health products. Every risk category and mitigation type reflects what's actually in the market - which means when it finds a gap in your product, that finding is grounded in evidence, not theory.

Read more about the research group here.

30+

Expert institutions in the Advisory Steering Group across clinical, academic and technical backgrounds

20+

Real AI health product features tested during framework development

Designed to support compliance across global AI frameworks - not replace them

EU AI Act

Articles 9–17 risk management & transparency obligations

European Union

DCB0129

Clinical risk management for health IT systems

United Kingdom

NICE ESF

Evidence Standards Framework for digital health technologies

United Kingdom

GMLP

Good Machine Learning Practice for medical AI

US · UK · Canada

FDA SaMD

AI/ML Software as a Medical Device guidance

United States

ISO 14971

Medical device risk management standard

International

NHS AI Strategy

NHS England AI adoption & governance framework

United Kingdom

RESEARCH FOUNDATION

"Operationalising Trust in Health AI: A Participatory Framework for Contextual Risk Assessment in Digital Health"

A working paper co-authored with Ulster University and the American Psychological Association has been submitted to HHAI2026 - the Hybrid Human-Artificial Intelligence Conference in Brussels, July 2026. A peer-reviewed journal paper is planned for H2 2026.

Learn more

Why this matters now

35%

of people globally now use AI to manage their health, making AI health products a mainstream clinical touchpoint, not a fringe use case.

64%

of AI-fluent consumers believe they can perform at least one medical task as well as a trained professional. Perceived AI competence is outpacing governance.

-10

year-on-year drop in public confidence in finding reliable health information. Trust in the health information environment is deteriorating fast.

AI RISK PROFILER FOR DEVELOPERS

Find out exactly which AI risks your health product carries and what to do about them

Informed by an international advisory group with representatives from...

WHAT IS IT

You submit information about the AI in your product. The AI Risk Profiler generates a report you can actually use.

You complete the structured AI questionnaire (~100 questions covering technique, function, architecture, and governance)

You upload supporting documentation (clinical risk management docs, model cards, safety assessments)

The AI Risk Profiler applies the six-step methodology to each AI feature

You instantly receive a structured AI Risk Profile report - risks, mitigations, gaps, regulatory alignment

WHAT YOU GET

An automated, instant AI Risk Profile report

Hand it to the health system asking for AI risk documentation — they get a structured, third-party assessed profile

Include it in your EU AI Act Article 9 risk management system documentation

Use the gap analysis to prioritise where your engineering and governance teams focus next

An add-on to the ORCHA Assured certification

WHY THIS MATTERS NOW

The legal risk in health AI is already here

€30m

Or 6%

How the Health AI Risk Profiler works

You complete the questionnaire

The tool applies the six-step framework

A structured AI risk profile report is generated

THE METHODOLOGY

You get a complete picture of every AI risk in a product and exactly what to do about it.

Clinical Context — Clinical Risk Severity

Computational Function

Inference Technique and Model Architecture

Risk Activation

Structural and Governance Mitigations

Gap Analysis — Residual Risk

THE EVIDENCE BASE

Built on a foundation with AI and digital health experts

30+

20+

Designed to support compliance across global AI frameworks - not replace them

RESEARCH FOUNDATION

"Operationalising Trust in Health AI: A Participatory Framework for Contextual Risk Assessment in Digital Health"

Why this matters now

35%

64%

-10

Apply for Alpha access to the AI Risk Profiler