Quanskill
📖 THEORY | 60 Minutes

Chapter 5: AI Safety, Ethics & Compliance

Navigate data privacy, Vietnam's AI regulations, and responsible AI use in medical device manufacturing.

🎯 Chapter Objectives

🖼️ Visual Summary — Chapter 5 Theory

Use this one-page infographic as the quick visual recap for this theory. Open the full-size version for classroom projection or participant sharing.

Chapter 5 Theory infographic
View Vietnamese version

5.1 The 5 Golden Rules of AI at MPV

🚫
NEVER input patient data, personal info, or trade secrets into public AI tools
ALWAYS verify AI outputs before using them in official documents or decisions
👁️
ALWAYS maintain human oversight — AI assists, YOU decide
📋
ALWAYS document when AI was used in creating compliance-related content
🔒
ALWAYS use company-approved AI tools with appropriate security settings

5.2 Data Privacy & AI

What You Must NEVER Put Into Public AI Tools

🚫 PROHIBITED Data Types
  • Personal Information: Employee names, ID numbers, health records, salaries
  • Customer Data: Hospital names with contract details, pricing agreements
  • Trade Secrets: Proprietary formulations, machine specifications, process parameters
  • Financial Data: Unpublished financial results, pricing strategies
  • Quality Records: Specific defect data that could identify production issues to competitors
✅ SAFE to Use: Generic templates, public information, anonymized data, general industry knowledge, hypothetical scenarios, and publicly available regulations.

Vietnam's Data Protection Framework

RegulationEffectiveKey Requirement
Decree 13/2023 (PDPD)July 2023Health data classified as "sensitive" — requires explicit consent for processing
Law on DataJuly 2025New rules on "important data" transfers, risk assessments for data processing
DTI LawJanuary 2026Risk-based AI classification, mandatory AI output labeling, regulatory sandboxes
Draft Medical Data DecreeExpected 2026National Medical Database under MOH oversight

5.3 AI Risks in Medical Device Manufacturing

⚠️

Hallucination Risk

AI may generate plausible but incorrect technical specifications or compliance information

🔓

Data Leakage

Sensitive data entered into AI tools may be used for model training or exposed to unauthorized parties

⚖️

Bias

AI models may reflect biases from training data, affecting supplier evaluations or HR decisions

📜

Compliance Gaps

AI-generated compliance documents may not meet ISO 13485 or regulatory standards without human review

Mitigation Strategy: Every AI output used in compliance, quality, or regulatory contexts must be reviewed and approved by a qualified human before use. Document the review process as part of your quality management system.

5.4 Responsible AI Principles for MPV

🎯

Transparency

Be open about when and how AI is used in your work. Don't hide AI involvement.

⚖️

Fairness

Check AI outputs for bias, especially in HR (recruitment) and procurement (supplier evaluation).

🔒

Privacy

Protect personal data. Use anonymization when possible. Follow Decree 13 requirements.

👤

Accountability

Humans are always responsible for decisions — AI is a tool, not a decision-maker.

📝 Chapter 5 Summary

Key Takeaways:
  • Follow the 5 Golden Rules when using AI at MPV
  • NEVER input personal, financial, or proprietary data into public AI tools
  • Vietnam's DTI Law (January 2026) introduces risk-based AI classification
  • Always verify and document AI-generated compliance content
  • Human oversight is mandatory — AI assists, you decide
🔬 Continue to Chapter 5 Lab →