Artificial intelligence is already reshaping clinical decision-making, but the real stress test begins when an AI-driven recommendation harms a patient and everyone asks the same question: who, exactly, is responsible, and on what evidentiary basis can that responsibility be assessed? Cecchi and colleagues wrote this article to address that practical vacuum by proposing a concrete medico-legal methodology for medical liability cases involving AI, rather than yet another high-level discussion about “ethics” in the abstract (Cecchi et al., 2026).
The core purpose of the paper is to translate a mature forensic-medico-legal way of thinking into the AI lifecycle, so that liability assessment becomes systematic, reproducible, and technically informed when algorithms are implicated in adverse events (Cecchi et al., 2026). The authors argue that current medico-legal frameworks were built for human decision-making and start to fracture when confronted with algorithmic opacity, training-data bias, and performance drift over time. In other words, healthcare systems did not just adopt a new “tool”; they adopted a moving target whose internal logic may be non-transparent and whose behavior can change as data and contexts evolve, making classic liability reasoning feel like trying to cross-examine a fog machine (Cecchi et al., 2026).
The paper’s central message is straightforward and quite assertive: if AI is going to be used in medicine at scale, medico-legal assessment must become dual-track, combining prevention-focused risk assessment before deployment with rigorous causal reconstruction after harm occurs, all embedded in a single structured framework (Cecchi et al., 2026). The authors’ novelty claim is not that “accountability matters” (everyone says that), but that forensic medicine already has a tested methodological template for accountability, and it can be adapted step-by-step to AI-specific failure modes without abandoning medico-legal rigor (Cecchi et al., 2026).
To build that bridge, the authors anchor their proposal in the 13-step methodology endorsed by the European Council of Legal Medicine (ECLM), described as a widely adopted reference framework for evaluating medical liability (Cecchi et al., 2026). Their contribution is the mapping: they examine each of the original 13 steps and identify what the equivalent question becomes when the “actor” is partly an AI system. This is not treated as a purely legal exercise. The methodology is explicitly developed by an interdisciplinary task force, combining forensic medicine specialists and engineers with AI expertise, because a medico-legal assessment that cannot interrogate datasets, validation choices, model behavior, and explainability is structurally incomplete in an AI case (Cecchi et al., 2026).
A major theme throughout the paper is that AI-related harm is often born long before the moment of clinical use. That is why the framework begins with proactive steps focused on data availability and dataset validity. The authors treat the dataset as the upstream “scene of the incident”: if data collection is biased, unrepresentative, poorly documented, or non-compliant with applicable requirements, downstream errors can become statistically baked into the model and later surface as clinical misclassifications (Cecchi et al., 2026). They emphasize that dataset construction is not a narrow engineering task but an integrated process involving legal constraints, domain expertise, and technical data stewardship. They also insist on meticulous documentation of preprocessing and transformations, not as a bureaucratic ritual, but because future audits and liability reconstructions depend on knowing exactly what was done to the data and why (Cecchi et al., 2026).
The authors then move into what they describe as transitional steps, which are especially important because they connect “something went wrong” to “what should have happened.” First, an incorrect output must be identified and characterized (false positive, false negative, wrong therapy suggestion, faulty prognosis, and so on). Then the correct or expected output must be defined by reference to the scientific and procedural standards that should govern care in that context. This mirrors classical medico-legal reconstruction of ideal medical conduct, but here it is used to establish what an AI system, given appropriate inputs and standards, should have produced (Cecchi et al., 2026). This is where the paper’s message becomes practical: liability evaluation should not begin with vibes about whether AI is “good” or “bad,” but with a disciplined comparison between the erroneous output and the expected output under recognized standards of care (Cecchi et al., 2026).
One of the paper’s most distinctive contributions is how directly it inserts explainability into the legal-medical logic of attribution. Step 5 in the adapted methodology asks whether the AI’s decision-making process can be reconstructed, which depends heavily on whether the model is explainable (XAI) or effectively a black box. The point is not philosophical; it is evidentiary. If a model is explainable, the pathway from inputs to output can be traced more clearly, supporting causal reconstruction. If it is a black box, reconstruction becomes more indirect, more complex, and typically more costly, relying on performance re-evaluation and sensitivity testing around the time of the event (Cecchi et al., 2026). Put bluntly, a black box may be powerful, but in liability terms it can behave less like a medical device and more like a “trust me bro” generator, which is not an argument courts tend to enjoy (Cecchi et al., 2026).
After an error is confirmed and the feasibility of explanation is assessed, the framework turns reactive: it works backward from the adverse event. The first question is whether the model received correct and appropriate inputs. This matters because some “AI errors” are actually human or system-interface errors, such as incorrect data entry or platform design issues that distort input integrity. If input problems are found, the methodology can move more directly toward error classification without wasting effort on a full model performance re-evaluation (Cecchi et al., 2026). If inputs are sound, the analysis shifts to reassessing real-world model performance at the time of the event, explicitly asking “how does the model perform today?” rather than assuming development-stage metrics still apply (Cecchi et al., 2026). The authors highlight that AI systems can evolve or drift, and they connect this to the need for life-cycle assessment thinking and periodic reassessment, analogous to how other technical medical domains undergo recurrent quality certification (Cecchi et al., 2026).
Error classification is treated as a decision point that supports both accountability and prevention. The authors distinguish among input errors, structural or intrinsic model errors, and exceptional-case errors, and they further associate technical categories such as low accuracy, underfitting/overfitting, robustness limits, and specificity/sensitivity problems with medico-legal categorization. This matters because liability reasoning changes depending on whether harm arose from a correctable workflow/interface failure, a defective model, or an outlier case that could not reasonably have been anticipated given the model’s validated scope (Cecchi et al., 2026). Importantly, the methodology keeps the medico-legal “ex-ante” posture: assessment should be anchored in what could reasonably be known and expected at the time, rather than judging decisions with hindsight empowered by later information (Cecchi et al., 2026).
The later steps bring the framework into classic medico-legal territory while retaining AI-specific constraints: establishing causal links between identified errors and incorrect outputs, applying scientific probability criteria, and using counterfactual reasoning to test whether the error plausibly drove the adverse outcome. The paper is explicit that these steps will often require new expert collaborations, because applying universal laws, statistical laws, or rational credibility criteria in an AI context demands both medico-legal competence and technical understanding of how the system was built, validated, and deployed (Cecchi et al., 2026).
The final step is where the authors’ “basic message” becomes forward-looking rather than merely adjudicative. They expand the endpoint beyond damage estimation to include recommendations for model improvement, explicitly tying medico-legal analysis to risk management and patient safety. In their framing, liability assessment should not be a purely backward-looking exercise that ends with blame allocation; it should also generate structured feedback that reduces recurrence of similar errors through retraining, threshold adjustment, dataset improvements, or even redesign when warranted (Cecchi et al., 2026). This is a subtle but powerful repositioning: medico-legal work becomes part of a safety learning loop in AI-assisted healthcare, not just a courtroom aftershock (Cecchi et al., 2026).
To make the proposal more than a conceptual diagram, the authors describe an operational implementation: the adapted 13-step framework is currently embodied as prompts and structured questions that can be used with existing generative AI models to guide systematic information collection and analysis in AI-related medico-legal cases. They also position this as a precursor to dedicated software tools or decision-support interfaces that could embed the same workflow more formally across settings (Cecchi et al., 2026). The practical implication is that the methodology is designed to be usable, not merely publishable: a repeatable checklist-like reasoning path that can help standardize evaluations across cases and institutions, while still accommodating the technical heterogeneity of AI systems (Cecchi et al., 2026).
The article also illustrates application through a concrete scenario: an AI-based emergency department triage tool misclassifies a chest-pain patient as low priority, delaying assessment and culminating in a myocardial infarction. The authors use this to show how the methodology forces a disciplined sequence: validate the training data and representativeness in the proactive frame, identify the erroneous output and the expected standard of care in the transitional frame, verify input integrity and reassess performance at the time of harm in the reactive frame, then classify error type, reconstruct causality, estimate damage, and generate improvement actions (Cecchi et al., 2026). The example functions as a proof of “workflow plausibility”: the framework can structure real medico-legal reasoning without collapsing into either purely technical debugging or purely legal abstraction (Cecchi et al., 2026).
The authors are also candid about limitations, and that candor sharpens the paper’s call to action. They state that the proposal is conceptual and needs empirical validation using real-world AI-related adverse-event cases. They also recognize that medico-legal reasoning differs across jurisdictions, and that a framework grounded in European forensic tradition may need adaptation for different legal systems and procedural cultures (Cecchi et al., 2026). Rather than weakening their thesis, these caveats reinforce the paper’s intent: to seed an internationally relevant methodological debate with a concrete starting point that can be tested, localized, and refined (Cecchi et al., 2026).
Ultimately, the article’s fundamental message is that AI in healthcare cannot be governed only by norms, principles, or regulation text. When harm occurs, stakeholders need a practical, technically literate, and legally meaningful method to determine what failed, why it failed, whether it was preventable, and how responsibility and prevention should be addressed. Cecchi and colleagues propose that forensic medicine already offers a disciplined template for exactly this kind of reasoning, and that adapting it to AI is an urgent step toward safer deployment, fairer liability assessment, and stronger patient trust in AI-assisted care (Cecchi et al., 2026).
References: Cecchi, R., Calabrò, F., Camatti, J., Santunione, A. L., Sperti, M., Zizzi, E. A., & Deriu, M. A. (2026). Artificial intelligence in healthcare: Proposal for a new medico-legal methodology in medical liability. Legal Medicine, 80, 102764. https://doi.org/10.1016/j.legalmed.2025.102764
Mini Dictionary
Medico-legal methodology: A structured forensic approach used to evaluate responsibility and causation in healthcare harm cases, here adapted specifically for situations where an AI system is involved in clinical care. The point is to make liability assessment systematic rather than improvised (Cecchi et al., 2026).
Medical liability: The attribution of responsibility when a medical action or decision contributes to patient harm, including malpractice-style evaluations. In this paper, the “actor” can include an algorithmic system, which stretches classic human-centered liability logic (Cecchi et al., 2026).
ECLM 13-step methodology: A 13-step framework endorsed by the European Council of Legal Medicine, used as the reference template the authors adapt for AI-related cases. It explicitly combines preventive and retrospective reasoning into one workflow (Cecchi et al., 2026).
Proactive phase: The preventive part of the framework that happens before deployment, focusing on data availability and dataset validation to minimize bias and strengthen scientific reliability. It treats “bad data in” as a legally relevant upstream risk, not a technical footnote (Cecchi et al., 2026).
Transitional phase: The bridge between prevention and retrospective investigation, where erroneous outputs are identified, expected outputs are defined, and explainability is assessed. It is the phase that turns “something went wrong” into “what should have happened and can we reconstruct why” (Cecchi et al., 2026).
Reactive phase: The retrospective part that starts from the adverse event and works backward, checking inputs, reassessing model performance, classifying errors, analyzing causation, and estimating damage. Think of it as forensic reconstruction, but with an algorithm added to the suspect list (Cecchi et al., 2026).
Dataset validation: The process of verifying the dataset against scientific evidence and reliability expectations before model development. In the framework, this is a core liability-relevant checkpoint because data problems can pre-wire clinical errors (Cecchi et al., 2026).
Dataset representativeness: Whether the dataset adequately reflects the patient populations and clinical patterns the model will face in real practice. The authors emphasize representativeness because gaps can translate into systematic bias and predictable harm (Cecchi et al., 2026).
Bias minimization: Practical steps aimed at reducing systematic distortions in data and outputs so the model’s reliability is not uneven across groups. In this paper, bias is treated as both a safety problem and an accountability problem (Cecchi et al., 2026).
Algorithmic opacity: The condition where a model’s internal reasoning cannot be clearly inspected or narrated, making it hard to apply traditional medico-legal standards designed for human decision-making. The article frames opacity as a central obstacle in liability attribution (Cecchi et al., 2026).
Explainable AI (XAI): AI whose decisions can be understood and explained clearly to humans, allowing stakeholders to trace how inputs connect to outputs. In liability terms, XAI makes reconstruction of the decision pathway substantially more feasible (Cecchi et al., 2026).
Black box model: A system where inputs and outputs are visible but the internal process remains opaque and difficult to interpret. The paper notes that black boxes often require indirect reconstruction through performance re-analysis close to the time the erroneous output was generated, which is typically more complex and costly (Cecchi et al., 2026).
Accuracy–transparency trade-off: The technical crossroads where highly complex models can be more accurate yet less interpretable, creating medico-legal tension because high performance does not automatically translate to explainable responsibility. The authors frame XAI as a key response to this trade-off (Cecchi et al., 2026).
Decision-making reconstruction: The attempt to rebuild how the system produced a specific output, crucial for causal analysis and liability attribution. The framework treats this as easier for XAI and evidentially harder for black boxes (Cecchi et al., 2026).
Sensitivity and stability testing: An indirect method suggested for black-box situations, repeatedly observing outputs under calibrated inputs to infer what drives decisions and how stable the model is across variable ranges. This turns the black box into a “glass box-ish” system through testing, not confession (Cecchi et al., 2026).
Input integrity: Verification that the data entered into the AI system were correct, complete, and properly recorded at the point of care. In the reactive phase, this is a key branch point because some “AI errors” originate from bad inputs rather than defective modeling (Cecchi et al., 2026).
Evolving model performance: The idea that an AI system’s real-world behavior can shift over time due to drift, updates, or context change, which complicates accountability if performance at deployment differs from performance at the time of harm. The authors explicitly flag evolving performance as an AI-specific challenge (Cecchi et al., 2026).
Erroneous output: The incorrect result produced by the AI (for example, a wrong classification or recommendation) that becomes the focal object of investigation. The transitional phase requires identifying the wrong output and comparing it to what should have occurred under standards of care (Cecchi et al., 2026).
Expected output: The clinically correct or normatively expected result, anchored to the standard of care, used as the comparator against the erroneous output. This is how the framework keeps the analysis tethered to real clinical obligations, not just model metrics (Cecchi et al., 2026).
Error classification: A structured categorization of what type of failure occurred (for example, systemic bias versus isolated malfunction), used to support both causal reasoning and responsibility attribution. The reactive phase explicitly includes classification as a required step (Cecchi et al., 2026).
Causal analysis or causal reconstruction: The forensic process of linking an error and its mechanisms to the observed adverse outcome, using a backward reconstruction from the event. In this paper, causal reconstruction is positioned as one of the core deliverables of the reactive phase (Cecchi et al., 2026).
Adverse event: A harmful clinical outcome that triggers retrospective investigation, such as deterioration, delayed treatment, or injury linked to care processes. The framework is designed to guide case-specific evaluation “when adverse events occur” (Cecchi et al., 2026).
Damage estimation: The medico-legal step of quantifying harm for accountability purposes. The authors extend this beyond traditional damage assessment to also include recommendations for model improvement, explicitly tying liability work to patient safety and risk management (Cecchi et al., 2026).
Risk-management feedback loop: The idea that conclusions from liability assessment should feed back into improving the model and reducing future error risk. The paper frames this as a methodological expansion that links medico-legal evaluation with patient safety aims (Cecchi et al., 2026).
Interdisciplinary task force: The development approach used by the authors, combining forensic medicine specialists and AI engineers to ensure both methodological rigor and technical accuracy. The message is implicit: medico-legal evaluation of AI fails if it cannot “speak engineering” (Cecchi et al., 2026).
Prompt-based implementation: The operational form of the adapted framework, implemented as prompts and structured questions that can be used with generative AI models, including large language models, to guide systematic case analysis. This is presented as a bridge toward dedicated decision-support tools (Cecchi et al., 2026).
AI-based triage system: The illustrative case used to show how the methodology works in practice, where a chest-pain patient is classified as low priority, leading to delayed assessment and a myocardial infarction. The example highlights how representativeness checks, standard-of-care comparison, and input integrity become central medico-legal questions (Cecchi et al., 2026).