The Regulatory Pulse of Indonesian Healthcare AI

Artificial intelligence is becoming a core feature of Indonesia’s healthcare strategy. What began with telemedicine expansion during the Covid‑19 pandemic is now extending into diagnostics, administration and national health infrastructure. For healthcare providers, technology companies and investors, this presents material growth opportunities alongside regulatory uncertainty.

Indonesia does not yet have healthcare‑specific AI regulation. Instead, AI deployment is shaped by existing health laws, data protection rules, electronic systems regulations, ethical guidelines and national AI policy. This means regulatory risk depends heavily on how each AI use case is structured and deployed and how such deployment fits into the current regulatory framework.

This article outlines Indonesia’s emerging healthcare AI framework, the commercial drivers behind adoption, and the regulatory and data protection issues that matter most for businesses seeking to scale AI solutions in the Indonesian healthcare market.

Assessing AI deployment in the healthcare sector through the lens of the current regulatory landscape 

The existing regulations do not adequately address potential use cases for AI in the healthcare sector. To understand the regulatory requirements for a particular AI deployment, it is important to understand the specific tasks that the AI will undertake, whether these activities are covered by the current regulations, and how deployment fits into the current regulatory framework. 

AI deployment in the healthcare sector may have different risk profiles in terms of its impact on public health and safety. Parties deploying AI to provide indicative diagnoses or clinical management advice directly to the public or end-users must consider whether that activity constitutes "provision of clinical services", which is a regulated activity that must be provided by a licensed health facility or medical professional. On the other hand, deploying AI to automate administrative functions such as handling patient inquiries and administrative triage, claim validation or inventory management has a lower risk profile. 

Another common AI deployment by health facilities is to analyse CT, MRI and X-ray scan results for early detection of illnesses such as tuberculosis. In such cases, the assessment would be whether this deployment constitutes a "medical device", which would make it subject to existing regulatory requirements. Under the current regulations, medical devices are defined broadly to include software, suggesting that AI software would fall under this category. That said, we understand that regulators have applied a narrow interpretation of the definition, meaning that AI‑driven healthcare applications would not be considered medical devices since they are not used “on a human body".

Existing healthcare AI framework and priorities

There is currently no specific regulatory framework for AI adoption in Indonesia's healthcare sector. In the meantime, AI implementation in the healthcare sector must comply with (i) Indonesia's existing healthcare regulatory framework, (ii) Circular Letter No. 9 of 2023 on AI Ethical Guidelines issued by the Ministry of Communication and Digital Affairs (MOCD) (the AI Circular Letter) and (iii) Indonesia's national AI roadmap and strategy.

Healthcare regulations

Government Regulation No. 28 of 2024 on the Implementing Regulation of Law No. 17 of 2023 on Health (GR 28/2024) provides little guidance, only mentioning that the National Health Information System may include the implementation of electronic medical records, telemedicine, telehealth, robotics, and artificial intelligence. It does not elaborate on any restrictions, limitations or permitted uses of AI in public or private healthcare services. As such, each AI deployment would need to be assessed based on the specific use case to determine whether the activity undertaken or performed by the AI is regulated under the current healthcare regulations. If it is, then a specific licence will be required. 

AI ethical guidelines

The AI Circular Letter outlines ethical values to be observed when using AI, such as inclusivity, humanity, security, and personal data protection. It also contains broad ethical guidelines on AI deployment across sectors. For more about the AI Circular Letter, please see our 2024 bulletin. Noting that the AI ethical guidelines are sector agnostic, AI deployment in general would need to comply with the AI ethical guidelines as closely as possible.

Indonesia's AI roadmap

Indonesia's AI National Strategy 2020–2045 issued by the Agency for the Assessment and Application of Technology (Badan Pengkajian dan Penerapan Teknologi or BPPT) (the AI Roadmap) sets out long-term national priorities for AI adoption, including in healthcare as a national priority sector. 

In general, the AI Roadmap states that Indonesia's healthcare system needs to shift focus from curative to preventive care through the "4P" approach – predictive, preventive, personalisation and participation. It also notes that the interoperability of health data is a critical foundation for AI deployment in healthcare since it enables AI models to analyse large‑scale datasets, generate predictive insights, and support care delivery under the 4P framework. 

Currently, interoperability is being developed through SATUSEHAT, the Ministry of Health’s national integrated digital health data platform launched in 2022, which is designed to unify health information across public and private providers, laboratories, pharmacies, insurers, and digital health applications. From a market perspective, SATUSEHAT establishes the infrastructure for AI‑enabled health solutions to be developed and deployed at national scale, aligning with government priorities.

Evolving blueprint for healthcare AI in Indonesia

2025 white paper on AI 

To implement the AI Roadmap, the MOCD issued a draft white paper in 2025 (the 2025 White Paper) defining Indonesia's vision on how AI can be used in national development, noting that Indonesia has one of the ten largest active daily user bases for generative AI, with 221 million internet users.

Consistent with the AI Roadmap, the 2025 White Paper places healthcare as a priority sector for AI deployment, reflecting both the scale of unmet needs within Indonesia’s healthcare system and the significant potential impact of technology‑enabled solutions. It identifies some potential AI use cases to improve the healthcare system, including: 

• development of integrated national data to map areas vulnerable to stunting; 
• early and more accurate detection of tuberculosis through use of AI in radiology; 
• real-time detection of anomalous health claims to minimise fraudulent claims under the national health insurance scheme; and 
• monitoring availability of pharmaceutical products across the country. 

Draft presidential regulation on AI ethics

To crystalise the regulatory framework on AI ethics, the government is preparing a draft presidential regulation on AI ethics which reiterates the ethical principles for deploying AI set out in the AI Circular Letter. It broadly provides risk identification and mitigation guidelines for industry players, end users and technical ministries to implement in the development and use of AI. This will also apply to the healthcare sector. 

Risks are divided into three categories: 

1. unacceptable risk, where the use of AI threatens people's safety and human rights – for example, real-time facial recognition in public places without a clear legal basis, or social scoring that may lead to discrimination; 
2. high risk, where the AI system uses specific personal data (including health, biometric and genetic data) and significantly impacts human rights, safety or essential public services, and could harm an individual or group upon system errors, misuse or failure – for instance, using AI to analyse a patient's medical records for diagnostic purposes or to recommend medical treatment; and
3. low risk, where the use of AI causes zero or minimal threat to human rights and safety. 

Based on this risk assessment, AI deployment in the healthcare sector which is closely associated with clinical services would likely fall within the high-risk category. 

Conclusion

Indonesia has signalled that AI will play a central role in the future of its healthcare system. Healthcare is a national priority sector, and data interoperability initiatives such as SATUSEHAT are creating the conditions for AI deployment at scale. The key issue for market participants is how to deploy AI in a way that manages regulatory risk while supporting commercial growth.

In the absence of healthcare‑specific AI rules, compliance turns on the details of each use case, particularly whether AI activities constitute regulated clinical services or medical devices, or involve sensitive health data. Businesses that address these issues early and align with national policy priorities will be better positioned as regulation evolves.

As Indonesia moves towards a clearer, risk‑based framework for healthcare AI, effective regulatory planning will be a strategic advantage. For healthcare operators, technology providers and investors, understanding the regulatory landscape is essential for scaling AI solutions and participating confidently in Indonesia’s healthcare transformation. Over time, AI adoption should accelerate service delivery, expand access, and reduce healthcare costs for Indonesians.