AEGIS: An Operational Infrastructure for Post-Market Governance of Adaptive Medical AI Under US and EU Regulations

A team of researchers has introduced AEGIS (AI/ML Evaluation and Governance Infrastructure for Safety), a comprehensive framework designed to operationalize post-market governance for adaptive medical AI systems under both US FDA and European Union regulations. The system specifically implements mechanisms like the FDA's Predetermined Change Control Plan (PCCP) and the EU AI Act's Article 43(4), which allow for iterative model updates without requiring full re-submissions for each change. AEGIS comprises three core modules: dataset assimilation and retraining, model monitoring, and conditional decision-making.

At the heart of AEGIS is a four-category deployment decision taxonomy—APPROVE, CONDITIONAL APPROVAL, CLINICAL REVIEW, and REJECT—paired with an independent Post-Market Surveillance (PMS) ALARM signal. This ALARM is crucial for detecting a critical state where no deployable model exists while the currently released model is simultaneously at risk. The researchers demonstrated AEGIS's flexibility by applying the identical governance architecture to two distinct clinical contexts: sepsis prediction from electronic health records and brain tumor segmentation from medical imaging, differing only in configuration.

In simulated testing on the sepsis prediction example across 11 iterations, AEGIS yielded 8 APPROVE decisions, 1 CONDITIONAL APPROVAL, 1 CLINICAL REVIEW, and 1 REJECT, successfully exercising all four decision categories. The system issued ALARM signals at iterations 8 and 10, including during the critical state scenario. Notably, AEGIS demonstrated its preventive capability by detecting data drift before any observable performance degradation occurred in the deployed model. This proactive detection is a key advancement for maintaining safety in continuously learning systems.