Checking a box that says "I agree" is not informed consent. It never has been. In traditional clinical settings, informed consent doctrine requires that a patient understand what is being done, why, and what alternatives exist. When an AI system participates in that evaluation, the obligation deepens. The patient now deserves to know not just what a clinician will do, but what an algorithm will infer, how that inference will influence a clinical decision, and what happens when the model is wrong.
As of 2026, most AI-assisted clinical screening platforms are still operating under consent frameworks designed before machine learning entered the room. That gap is a legal liability, an ethical failure, and increasingly a regulatory target. At TheraPetic® Healthcare Provider Group, our clinical team led by Dr. Patrick Fisher, PhD, LPC, NCC, has spent years designing consent workflows that hold up under scrutiny when AI is in the loop. This article documents what that actually looks like.
What Informed Consent Actually Requires When AI Is Involved
The legal foundation for informed consent in the United States draws from a long line of case law and federal guidance, including the Common Rule codified at 45 CFR 46, which governs human subjects research. For clinical care outside formal research protocols, the standard is rooted in state medical practice law and professional ethics codes from bodies like the American Psychological Association.
None of those frameworks were written with a large language model in the clinical intake pipeline. That does not mean they do not apply. It means interpretation is required, and in 2026, that interpretation is increasingly going against organizations that offer vague or purely technical disclosures.
The core elements of informed consent, as articulated in the Belmont Report and operationalized in 45 CFR 46.116, include disclosure of purpose, description of procedures, identification of reasonably foreseeable risks, description of benefits, disclosure of alternatives, and a statement of confidentiality. When AI is involved, each of those elements acquires a new layer of meaning that a standard consent template does not address.
The purpose of AI in clinical intake is not simply "to help us serve you better." That phrasing obscures more than it reveals. A patient being evaluated for a psychiatric service dog letter, a behavioral health intake, or a mental health screening deserves to know that a language model is analyzing their responses, that the model's output informs a Licensed Clinical Doctor's assessment, and that the model carries known limitations including the risk of demographic bias documented in peer-reviewed literature.
The Seven Disclosure Elements AI Clinics Cannot Skip
Based on our clinical experience and review of HUD guidance, FDA Software as a Medical Device frameworks, and academic consensus emerging from venues like NEJM AI and the Partnership on AI, we have identified seven disclosure elements that belong in every AI-assisted clinical consent document.
1. Identity of the AI system. Patients have a right to know that an automated system is involved and what kind. "We use an AI tool to assist in your evaluation" is insufficient. The consent should name the category of technology, describe its general function, and clarify whether it is a language model, a decision-support classifier, or a risk-scoring algorithm.
2. The role of the AI in clinical decision-making. Is the AI generating a draft assessment? Is it flagging responses for clinician review? Is its output ever the final determination? These are materially different roles and the patient must understand which applies to their case.
3. Limitations and known failure modes. An honest consent document acknowledges that AI systems produce errors, that language models can misinterpret nuanced responses, and that performance may vary across demographic groups. This is not legal boilerplate. It is a clinically meaningful fact that bears on a patient's decision to participate.
4. Human oversight structure. Who reviews the AI output? What credentials do they hold? Can a patient request that their case be evaluated without AI involvement? The consent framework must answer these questions plainly.
5. Data retention and model training. If patient responses are retained and potentially used to fine-tune or evaluate AI model performance, that is a research-adjacent activity that requires explicit disclosure and frequently triggers IRB review requirements. This point is consistently underemphasized in commercial platforms.
6. Right to withdraw or opt out. Under the Common Rule and general informed consent ethics, a patient must be able to decline AI involvement and still receive care, or at least understand the consequences if declining AI participation affects service delivery.
7. Contact point for concerns. Patients must know who to contact if they believe the AI system produced an error that affected their evaluation. A generic support email does not meet this standard. A named clinical contact or formal grievance pathway does.
Comprehension Validation: Confirming Understanding Beyond a Signature
A signature proves only that a person clicked or signed. It does not prove understanding. Comprehension validation is the clinical and ethical practice of confirming that a patient actually understood what they consented to before the process begins.
In research settings, comprehension validation is sometimes formalized through a "teach-back" method, where participants are asked to explain the study back in their own words before enrollment. In AI-assisted clinical screening, a fully rigorous teach-back may not be operationally feasible at scale, but a lightweight comprehension check absolutely is.
Our team at TheraPetic® built comprehension validation into the HANK AI intake workflow as a structured question layer. After the consent disclosures are displayed, patients are asked two to three brief questions: "What will the AI tool do with your responses?" and "Who will review the AI's output before any decision is made?" The answers are auto-scored against a rubric developed by our clinical team. If comprehension falls below threshold, the patient is routed to a human onboarding specialist before proceeding.
This model draws on the work of researchers studying health literacy in digital consent contexts. Studies published in platforms like JAMA Internal Medicine have documented that standard digital consent forms are frequently written at a reading level well above the average American adult. When the subject matter includes terms like "algorithmic inference" or "natural language processing," that gap widens sharply.
Plain language is not a compromise of clinical rigor. It is an expression of it. Telling a patient that "a computer program will read your answers and summarize them for a licensed doctor who will make the final decision" is more honest and more clinically useful than a paragraph of technical hedging written to protect the organization rather than inform the patient.
IRB Considerations for Nonprofit AI Screening Research
Nonprofit healthcare organizations occupy a specific and sometimes ambiguous position in the human subjects research regulatory landscape. As a 501(c)(3) provider, TheraPetic® Solutions Inc. (EIN 81-3003968) takes the position that AI-assisted clinical evaluation workflows that generate aggregate performance data on model outputs are research-adjacent and warrant IRB-equivalent review, even when not conducted under a formal federal research grant.
The regulatory question is whether collecting patient responses to evaluate or improve an AI model constitutes "research" under 45 CFR 46. The definition hinges on whether the activity is "designed to develop or contribute to generalizable knowledge." Model evaluation and performance logging almost always qualifies. Organizations that collect this data without IRB review are operating on borrowed time as federal enforcement attention shifts toward algorithmic accountability in clinical AI.
For nonprofits without institutional affiliation, the options for IRB review include independent IRBs such as WCG or Advarra, or the formation of an internal research ethics committee with documented procedures. The key requirements under the Common Rule for minimal-risk research include: a written protocol describing the AI system and its clinical function, a consent form meeting the elements in 45 CFR 46.116, documentation of how participant data will be protected, and a plan for handling adverse events or unexpected harms from AI errors.
One practical complexity unique to AI research is the challenge of defining "harm" in a clinical AI context. If a language model produces a biased assessment that causes a patient to be incorrectly denied a clinically indicated letter, is that an adverse event? Our clinical team's position is yes. IRB protocols for AI-assisted screening should include explicit definitions of AI-related adverse events and a documented escalation pathway.
How TheraPetic® Structures Consent in HANK AI Workflows
HANK AI is the clinical intake infrastructure developed by TheraPetic® Healthcare Provider Group and deployed across mypsd.org and the verification infrastructure at verify.mypsd.org. The consent architecture in HANK AI was designed from the ground up to meet the seven disclosure elements described earlier, not to satisfy a minimum legal threshold.
The intake workflow presents consent in a layered format. The first layer is a plain-language summary: three short paragraphs explaining what AI does in the process, what a Licensed Clinical Doctor does, and what the patient can do if they have concerns. The second layer provides technical detail for patients who want it, including a description of how the language model processes intake responses, what data is retained, and how model outputs are reviewed.
Patients who flag concerns about AI involvement are routed to an expedited human review pathway. No patient is denied access to clinical evaluation because they declined AI-assisted processing. That is a non-negotiable ethical constraint built into the system architecture, not a policy document that can be overridden by an operational decision.
The comprehension validation layer described in the previous section runs automatically after consent is displayed. Aggregate comprehension scores are reviewed monthly by the clinical team to identify whether specific disclosure language is consistently misunderstood, which then triggers a plain-language revision cycle.
This approach is consistent with guidance from the FDA's framework for AI/ML-based Software as a Medical Device, which as of 2026 emphasizes transparency and human oversight as foundational requirements for clinical AI deployment. It also aligns with emerging standards from organizations like Stanford HAI, which has called for patient-facing disclosure as a minimum floor for clinical AI deployment.
Algorithmic Transparency as a Clinical Obligation
There is a persistent argument in health technology circles that algorithmic transparency creates legal exposure. The reasoning goes: if you tell patients what your model can get wrong, they will disengage or litigate. This argument is both clinically backward and legally shortsighted.
Patients who understand the limitations of a clinical tool are better positioned to advocate for themselves when something goes wrong. A patient who was told "our AI system may not perform equally well across all demographic groups" is a patient who has been treated as a capable adult. A patient who was handed a checkbox and told "we use technology to help your care" is a patient who was managed rather than informed.
Algorithmic transparency also creates a clinical feedback loop that improves care. When patients understand what the AI is doing, they provide more considered and deliberate responses to intake prompts. When they know a human is reviewing the output, they engage with that review more meaningfully. Transparency is not just an ethical obligation. It is a clinical mechanism that makes AI-assisted evaluation more accurate.
Researchers publishing in nature.com/digital-medicine and NEJM AI have consistently documented that patient trust in AI-assisted clinical tools is correlated with perceived transparency and human oversight, not with the sophistication of the underlying model. A less capable but more transparent AI system may produce better clinical outcomes than a more capable opaque one, because patients engage more honestly with tools they trust.
Building Consent Infrastructure That Scales Without Cutting Corners
The operational challenge for nonprofits is that rigorous consent frameworks take time to build and require ongoing maintenance. Model updates change what the AI does. Regulatory guidance evolves. Patient literacy varies. A consent document that was accurate and comprehensible in early 2026 may not be adequate after a significant model version change.
The infrastructure solution is to treat consent documentation as a living clinical document governed by the same change-management procedures that apply to clinical protocols. At TheraPetic®, consent language is versioned, dated and tied to specific model versions in the HANK AI deployment log. When a model update changes how outputs are generated or what data is retained, the consent language is reviewed before the new model goes live.
For organizations building consent infrastructure from scratch, three practical starting points are worth prioritizing. First, audit your current consent language against the seven disclosure elements described in this article. Identify what is missing and assign ownership for drafting the additions. Second, implement at minimum a two-question comprehension check before any AI-assisted evaluation begins. Third, determine whether your AI performance data collection triggers the federal definition of human subjects research and pursue IRB review accordingly.
The field of AI ethics in nonprofit healthcare is moving quickly. The organizations that build honest, scalable and patient-centered consent infrastructure now will be the ones best positioned as regulatory requirements formalize. Checking the box was never enough. In 2026, it is not even close.
For clinical teams and AI engineers interested in the technical architecture of HANK AI's consent and verification workflows, additional documentation is available at therapetic.net and through the data governance frameworks documented at mydatakey.org. Clinical intake and service dog verification infrastructure can be reviewed at mypsd.org and servicedog.ai.