Safe, Effective Use of AI‑Powered Instruments in Optometry Education (Philippines, 2025): A Policy/Practice Analysis Aligned with Philippine Privacy and Medical Device Software Regulation

1. Introduction

At the Centro Escolar University (CEU) School of Optometry, the integration of artificial intelligence (AI)–enabled instruments has moved from concept to clinic. Over the past academic terms, our teaching clinics began using AI‑assisted tools in routine eye tests and in screening for ocular abnormalities. As a faculty member and clinical instructor, I have seen—at the level of the exam lane and OSCE station—how these systems can accelerate workflows, standardize image quality, and surface decision cues that would otherwise demand specialist time. When used with appropriate governance, AI does not replace clinical judgment; it sharpens it.

This policy‑practice paper is therefore written from the vantage point of an educator responsible for patient safety, learner competency, and service efficiency. In my teaching practice, AI‑generated outputs—whether an automated image‑quality flag on a fundus photograph or a suggested classification on an OCT scan—have been most valuable when they produce results that are (1) accurate, (2) fast, and (3) reliable across diverse patients and devices. The promise is clear: shorter capture times, fewer repeat tests, earlier detection, and richer feedback for students. The responsibility is equally clear: we must evidence these benefits locally, monitor for drift and subgroup gaps, and retain faculty‑in‑control of clinical decisions.

The Philippine regulatory environment is evolving quickly—anchored by the National Privacy Commission’s Advisory 2024‑04 on generative AI and the Food and Drug Administration–Philippines’ draft circular on medical device software—while global health guidance (e.g., WHO on large multimodal models) and professional bodies provide additional guardrails. Against this backdrop, optometry schools need operational guidance that translates policy into classroom and clinic controls. What follows is a targeted policy synthesis and implementation framework tailored to CEU’s teaching context but generalizable to similar programs, emphasizing lawful deployment, performance validation, equity, and change control.

Specifically, this article contributes: (a) a transparent, reproducible methodology prioritizing Philippine primary sources; (b) a comparative regulatory snapshot (PH vs regional/global anchors) to justify procurement and update requirements; (c) an expanded evidence base across AI‑instrument classes with subgroup metrics for equity checks; and (d) an evaluation framework with key performance indicators (KPI), thresholds, and OSCE rubrics to embed AI‑literacy behaviors into training. The goal is straightforward: to help faculty deliver patient‑safe, educator‑led AI adoption that measurably improves learning outcomes and clinic performance in Philippine optometry education.

2. Methodology

Design & window: Targeted policy synthesis (1 Jan–26 Oct 2025, Asia/Manila). Sources: (a) Philippine primary documents—NPC Advisory 2024‑04; FDA‑PH draft MDSW circular; DTI NAISR 2.0; NEDA AI policy note; (b) Professional guidance—Royal College of Ophthalmologists; College of Optometrists; (c) Frameworks—WHO guidance on large multimodal models; FUTURE‑AI consensus; (d) Peer‑reviewed Philippine evidence on diabetic retinopathy (DR) AI and tele‑ophthalmology. Search & selection: site‑restricted queries (e.g., site:privacy.gov.ph, site:fda.gov.ph) and PubMed/Scopus keywords (e.g., “diabetic retinopathy AND Philippines AND artificial intelligence”). Inclusion: official PH documents and peer‑reviewed items on AI in health/ophthalmology/education. Exclusion: opinion pieces without citations, non‑PH press. Extraction & synthesis: we abstracted legal/regulatory requirements (lawful basis, DPIA, post‑market, change control) and mapped them to operational classroom controls and procurement clauses; conflicts were resolved in favor of Philippine law/regulation. Limitations: not a systematic review; evolving FDA‑PH circular; mitigated by prioritizing primary documents and date‑stamping searches.

3. Eligibility criteria

Inclusion: (a) primary Philippine legal/regulatory/government artifacts (advisory, circular/guideline, strategy note) on AI/automated decision systems, medical device software, health data, or educational/clinical use; (b) professional guidance from recognized authorities (RCOphth; College of Optometrists); (c) peer‑reviewed empirical studies conducted in the Philippines (preferred) or ASEAN when PH data absent; (d) main window 1 Jan 2025–26 Oct 2025 with seminal pre‑2025 documents retained if in force.

Exclusion: non‑documented opinions, news/blog posts, unreferenced commentary; vendor marketing without independent evaluation; non‑PH government documents unless used for explicitly labeled comparative policy benchmarking.

4. Screening & selection

Level 1 (titles/headers): one reviewer screened all hits. Level 2 (full text): two reviewers assessed eligibility; disagreements resolved by consensus, applying a “Philippine law/regulator primacy” rule. A selection log captured full‑text exclusion reasons.

5. Data extraction

Regulatory/policy: authority, legal force (law/advisory/draft), scope, obligations (lawful basis, DPIA, consent, post‑market surveillance, change control), enforcement/remedy, and currency.

Empirical studies: setting, instrument/task, dataset provenance (local vs external), reference standard, sample size, primary outcomes with CIs, subgroup performance, regulatory status, post‑deployment monitoring.

Operational mapping: each requirement was mapped to classroom/clinic controls and procurement clauses (configuration logging, override audit, acceptance testing, termly validation).

Table 1: Quality appraisal rubric (0–2 scale: No/Partial/Yes; critical items ★)

6. Synthesis approach

Directed content analysis: obligations/safeguards from primary sources were coded to a taxonomy (lawful basis, DPIA, consent/assent, validation, update control, post‑market surveillance, logging/auditability, RBAC, pedagogy/assessment). Codes were mapped to operational controls and procurement clauses. Conflicts favored Philippine requirements; gaps bridged with WHO LMM and FUTURE‑AI principles as international best‑practice.

7. Limitations

This study has several limitations. First, it is a targeted policy synthesis rather than a full systematic review, and we may have missed relevant international or regional documents outside our predefined domains. Second, the KPI thresholds and governance processes, while informed by existing evidence and local operational experience, are still partly normative and require further empirical validation. Third, the worked change-control case is drawn from a single teaching clinic context and may not fully reflect the constraints of under-resourced or differently structured institutions. Finally, Philippine regulatory instruments cited here, particularly the draft FDA-PH circular on medical device software, are subject to change; institutions adopting this framework will need to monitor regulatory updates and adjust accordingly.

8. Conclusions

AI-powered instruments are no longer optional novelties but emerging infrastructure in optometry education and practice. In the Philippine context, educators cannot outsource governance of these tools to vendors or generic institutional policies alone. By aligning with national law and regulation, professional guidance, and global frameworks, and by embedding clear KPIs, change-control processes, and OSCE-based assessment into routine operations, optometry teaching clinics can integrate AI in ways that are safe, transparent, and educationally meaningful. The framework presented here offers a practical starting point that can be adapted, stress-tested, and progressively strengthened as the regulatory and technological landscape evolves.

9. Findings: Issue Overview

Governance in teaching clinics is under‑specified: classroom use requires explicit role definitions (AI assistive only; faculty accountable), AI‑specific DPIA, and logging (NPC, 2024). Regulatory expectations for MDSW are evolving, creating procurement risk if tools are not regulatory‑ready (FDA‑PH, 2025). Philippine studies demonstrate feasibility of handheld/point‑of‑care imaging and tele‑ophthalmology but underscore the need for local validation and performance monitoring (Salongcay et al., 2024; Arcena et al., 2024; Azarcon et al., 2021; Daza et al., 2022).

10. Policy Recommendations

10.1. Governance and Accountability

1) Faculty‑in‑control rule: AI outputs (quality flags, structured observation prompts) are suggestive only; supervising faculty make and communicate all clinical judgments. Document faculty sign‑off in the learning record (RCOphth, 2024; College of Optometrists, 2025).

2) DPIA + transparency: Complete an AI‑specific DPIA and publish a patient/learner‑facing notice describing tools, data flows, oversight, and rights; apply data minimization and PETs (NPC, 2024).

3) Configuration control & logging: Maintain a configuration register (features on/off, model version, faculty) and log AI–human disagreements/overrides; export logs monthly for QA (WHO, 2025; FUTURE‑AI, 2025).

4) Bias & performance monitoring: Run a mini local validation each term (image‑quality pass rate, failure modes, subgroup review) and document corrective actions (FUTURE‑AI, 2025).

5) Assessment integrity: For non‑AI OSCEs, lock diagnostic suggestions; for AI‑literacy OSCEs, evaluate safe‑use behaviors (recognizing drift, appropriate override, privacy compliance).

10.2. Procurement and Regulatory Readiness

1) Evidence dossier (bid requirement): intended use (education/assistive), regulatory roadmap for FDA‑PH MDSW, validation summaries with subgroup metrics, post‑market plan, security/privacy whitepaper, and change‑management policy.

2) Contract clauses: (a) Regulatory‑ready warranty—vendor to comply with FDA‑PH MDSW; (b) Model update control—advance notice, change log, deferred update and rollback, local re‑verification; (c) Post‑market—incident portal, 72‑hour safety notice, patch SLAs; (d) Data protection—PH residency where feasible, de‑identification for teaching, no secondary use without consent; (e) Audit & exit—export and verified deletion.

3) Acceptance testing: Sandbox dry‑run (lockouts, logging, audit trails) and pilot with a local sample before classroom scale‑up.

4) Security & privacy controls: SSO with RBAC, per‑user audit trails, encryption, anonymization pipeline, retention timer (NPC, 2024).

5) Costing & sustainability: include training, DPIA, validation, log storage, and post‑market support in total cost of ownership; negotiate education pricing and an exit ramp.

10.3. Comparative Regulation Snapshot: Philippines vs. Regional/Global Anchors

Purpose: to justify procurement clauses, update/change-control requirements, and post‑market monitoring by benchmarking the Philippines against at least two mature jurisdictions. Where conflicts exist, institutional policy defaults to Philippine law/regulator requirements. Entries below reference primary, canonical publications (list provided after the table).

Table 2: Regulation Snapshot of Philippines vs. Singapore, Malaysia & EU

* Notes: The Philippines MDSW circular is currently a DRAFT; final text will supersede placeholders here. Singapore HSA and Malaysia MDA align closely with IMDRF SaMD principles. EU MDR Rule 11 commonly elevates the class of diagnostic/decision‑support software. Institutions should default to the most stringent applicable requirement when procuring multi‑site or cross‑border systems.

10.4. Evaluation Framework: KPIs, Thresholds, and OSCE Rubrics

This framework specifies institution‑level key performance indicators (KPIs) with explicit thresholds, monitoring cadence, and ownership; and a competency‑based OSCE rubric to evaluate AI‑literacy behaviors in teaching clinics. KPIs align with the Methodology’s operational mapping (validation, update control, post‑market surveillance, privacy compliance, equity).

Table 3: KPI Catalog (institutional monitoring)

Threshold logic: KPI breaches trigger documented corrective actions (CAPA). Equity and performance breaches require immediate local re‑validation; privacy/compliance breaches halt deployment until resolved. All termly validations are archived with version hashes of models/configs.

Table 4: OSCE Rubrics for AI‑literacy Behaviors

Scoring scale: 1–5 (1 = Unsafe/Absent, 3 = Competent, 5 = Exemplary). Candidates must score ≥3 on all critical items (★) and ≥85% aggregate. Stations simulate real clinic workflows with AI‑assisted instruments. Inter‑rater reliability target κ ≥ 0.7.

Station 1 — Image Quality Triage & Capture (critical: QC; privacy)

Station 2 — AI Output Appraisal & Override (critical: clinical reasoning; override rationale)

Station 3 — Change Control & Validation Review (critical: update risk; documentation)

Station 4 — Incident Reporting & CAPA (critical: safety; timeliness)

Station 5 — Privacy, DPIA & Data Governance (critical: DPA/NPC compliance)

Passing criteria: aggregate ≥ 85% AND no critical (★) item below 3 on any station. Rater calibration: conduct a 10‑case calibration; compute κ; if κ < 0.7, retrain and re‑assess before summative OSCE. Archive OSCE sheets and link to the KPI dashboard.

Abbreviations

1.     AI – Artificial Intelligence

2.     DPIA – (Data) Privacy Impact Assessment

3.     DTI – Department of Trade and Industry

4.     FDA‑PH – Food and Drug Administration Philippines

5.     FUTURE‑AI – International consensus guideline for trustworthy medical AI

6.     LMM – Large Multimodal Model

7.     MDSW – Medical Device Software

8.     NEDA – National Economic and Development Authority

9.     NPC – National Privacy Commission

10.   OSCE – Objective Structured Clinical Examination

11.   PETs – Privacy‑Enhancing Technologies

12.   REACH‑DR – Remote Retinal Evaluation Collaboration in Health – Diabetic Retinopathy

13.   WHO – World Health Organization.

Funding: None declared.

Conflicts of Interest: The author declares no competing interests.

Ethics: This synthesis used publicly available documents and published studies and did not involve individual-level data collection. Institutional research ethics approval was therefore not required. For the worked change-control example, all operational details were de-identified and presented as an illustrative case.

Declaration of Generative AI and AI-assisted Technologies: This study has not used any generative AI tools or technologies in the preparation of this manuscript.