Audience: Large Healthcare Enterprises; State/Federal Health Regulators; CIO/CISO with systems in eRx, patient identity, or medication safety workflows. Cross-industry Contagion Risk (Moderate): If Utah’s regulatory sandbox and mitigation agreement model holds up, expect copycat pilots in other regulated decision lanes (insurance claims, eligibility/benefits, case triage) where automation pressure is high and accountability is fuzzy.
Executive Summary
Utah has authorized an autonomous AI system (Doctronic) to renew certain non-controlled prescriptions for chronic conditions under a state regulatory sandbox, with staged human oversight (first cohort reviewed, then retrospective audits). The real story isn’t that AI can click refill, it’s that a state has started testing delegated clinical authority via a legal instrument–a regulatory mitigation agreement that partially sidesteps traditional only-licensed-humans-prescribe assumptions. That creates immediate governance questions like patient identity assurance, EHR/pharmacy data integrity, auditability, liability, and whether FDA will treat this as a regulated medical device function.
Introduction
The …