GRAICE-DELFOS: Towards a GenAI-Powered Framework for Continuous Cybersecurity and Safety Compliance in High-Risk Healthcare AI Systems

Abstract

Ensuring AI safety and cybersecurity compliance for high-risk healthcare AI is complex under the EU AI Act, NIS2, and Cyber Resilience Act. This paper introduces GRAICE, a GenAI-based framework for automated remediation and continuous regulatory alignment, integrated into DELFOS, a clinical support tool for genetic diagnostics. By embedding GenAI agents into the AI lifecycle, the system replaces static audits with a continuous, evidence-driven compliance and cybersecurity continuum. Expected results include enhanced resilience, automated risk mitigation, and increased clinical trust.