top of page
  • Writer's pictureDalia Givony

EU AI Act's impact on medical devices


The European Union Artificial Intelligence Act (EU AI Act) proposed by the European Commission, is a pioneering regulatory framework aimed at overseeing artificial intelligence technologies within the EU. This landmark legislation categorizes AI systems based on their risk levels—unacceptable, high, limited, and minimal—introducing stringent requirements, particularly for high-risk applications. The AI Act's primary goals are to ensure safety, promote transparency, and enhance public trust in AI systems while fostering innovation and protecting fundamental rights.

Medical devices increasingly incorporate AI to enhance diagnostic accuracy, personalize treatments, and improve patient outcomes.

Medical devices which are required to undergo a third-party conformity assessment by a Notified Body are required to comply with the requirements of high-risk level under the new AI Act and adhere to rigorous standards concerning risk management, data governance, and transparency. Compliance with these requirements necessitates thorough conformity assessments, ongoing post-market surveillance, and robust documentation practices.

The intersection of the AI Act with the existing Medical Device Regulation (MDR) and In Vitro Diagnostic Regulation (IVDR) further intensifies the regulatory landscape.

High risk medical device AI system must comply with the following requirements, many of which align with existing EU MDR and IVDR requiremments:

·         Establish a risk management system throughout the high risk AI system’s lifecycle.

·         Conduct data governance, ensuring that training, validation and testing datasets are relevant, sufficiently representative and, to the best extent possible, free of errors and complete according to the intended purpose.

·         Prepare technical documentation to demonstrate compliance and provide authorities with the necessary information to assess this compliance. The conformity assessment should be carried out by a notified body that is competent in assessing AI systems under the MDR, to avoid the need for assessment by two different notified bodies.

·         Design their high-risk AI system for record-keeping to enable it to automatically record events relevant for identifying national level risks and substantial modifications throughout the system’s lifecycle.

·         Provide instructions for use to downstream deployers to enable the latter’s compliance;

·         Design their high-risk AI system to allow deployers to implement human oversight; transparent design

·         Design their high-risk AI system to achieve appropriate levels of accuracy, robustness, and cybersecurity.

·         Establish a quality management system to ensure compliance.


Overall, the EU Artificial Intelligence Act represents a significant step towards comprehensive AI governance, with significant implications for the medical devices industry.

The implementation timeline for medical devices classified as high-risk under the EU AI Act is set at 36 months from the Act's entry into force.

Need help implementing the requiremments of the EU AI Act?



bottom of page