Asia-Pacific is rapidly reshaping the global conversation on AI in health care. As AI-driven diagnostics, drug discovery, and patient monitoring scale in this vast and diverse region, regulators are tightening data protection rules to balance innovation with trust. For life sciences businesses, understanding these developments is critical to balancing innovation with compliance and maintaining trust in a rapidly changing market.

Australia is advancing reforms to its Privacy Act, to align with global standards. The government is also piloting frameworks for cross-border health data sharing, with a focus on existing frameworks like the Therapeutic Goods Act regulating software as medical devices, and guidance emphasizing human practitioner oversight for AI use.

China regulates health care AI through a layered system of laws, including the Personal Information Protection Law, Cyber Security Law, Data Security Law, and AI-specific rules on generative AI, deep synthesis, and medical devices. These laws mandate data localization, algorithmic accountability, and the registration of high-risk systems in specified contexts.

India had its Digital Personal Data Protection Act take effect in 2025, with a phased roll-out. Compliance hinges on clear consent requirements, individual rights, and data fiduciary obligations. Aside from its Medical Device Rules on software as a medical device, there is a proposed AI (Ethics and Accountability) Bill pushing for AI innovation, as well as ethical guidelines by the Indian Council of Medical Research establishing safe and accountable practices in AI diagnostics and treatment.

Japan's AI Promotion Act (2025) promotes national AI development, and operates in tandem with its Act on the Protection of Personal Information, which saw significant updates in 2022, as well as digital health guidelines issued by its Ministry of Health, Labor and Welfare.

Singapore enacted in January 2026 a Health Information Bill for health care providers to upload patient records on to a national database. It continues to refine its Personal Data Protection Act, with sector-specific guidance for health care. For AI, the focus is on compliance with existing regulations as well as AI governance in lieu of comprehensive, standalone legislation.

South Korea passed its AI Basic Act, effective January 2026. It imposes risk management obligations on high-impact systems, including health care. The Personal Information Protection Act and Network Act continue to apply concurrently, further imposing strict incident reporting requirements.

Vietnam has a new AI Law that takes effect in stages, starting in 2026. It establishes a risk-based framework, categorizing health care AI as "high-risk," requiring strict premarket assessment and registration. The law aims to manage sensitive applications like medical diagnostics, ensuring human-centric, fair, and secure AI.

The Asia-Pacific region is entering a pivotal phase in digital health governance. For life sciences companies, APAC's regulatory diversity means multi-jurisdictional compliance strategies are essential. Organizations looking to navigate this complex landscape should consider engaging with experienced advisors to ensure compliance and unlock the full potential of AI in health care.