Artificial Intelligence (AI) is revolutionising the healthcare industry, particularly in the realm of medical devices. The integration of AI technologies into medical devices (MD) is enhancing diagnostic accuracy, improving patient outcomes, and streamlining clinical workflows. AI algorithms can analyse vast amounts of medical data, such as imaging scans, electronic health records, and real-time patient monitoring, to provide insights to health practitioners. This capability not only aids in early detection and diagnosis of diseases but also enables personalised treatment plans tailored to individual patients. Moreover, AI-powered medical devices can automate routine tasks, reducing the burden on healthcare professionals and allowing them to focus more on patient care. As AI continues to evolve, its applications in medical devices are expected to expand.
May an AI system be a medical device?
In the EU, MDs must comply with Regulation 2017/745 (so-called medical device regulation or MDR). Under this regulation, MDs are instruments or apparatuses, including software, intended for medical purposes like diagnosis, treatment, or monitoring of diseases. A “medical device software” (MDSW) is a software that fulfils that purpose. An AI system that meets this definition is therefore an MDSW.
Are the MDR and the Artificial Intelligence Act similar?
The MDR and the Artificial Intelligence Act (AIA) both aim to regulate market access for certain types of products on a risk-based assessment. The MDR does not address specific risks associated with artificial intelligence in medical devices. The AIA is now fulfilling this purpose.
How does the MDR and the Artificial Intelligence Act interplay?
Medical devices based on an AI system may fall under the “high-risk” AI system qualification of the AIA if [they meet] two conditions:
- The AI system is a safety component, or the AI system is itself a medical device and
- The AI system is subject to a third-party conformity assessment by a notified body under the MDR.
The second condition is key as not all MDs are subject to such conformity assessment. The third-party assessment depends on the classification of the MD. This classification depends on the risk assessment of the MD given the harm it may bring to a patient, in case of malfunctioning for instance.
In June 2025, the Artificial Intelligence Board and the Medical Device Coordination Group jointly published a guide on the interplay of these two regulations. The table below, extracted from that guide, describes which class of MD featuring AI may fall within the scope of both MDR and AIA.
Does applying both regulations necessarily mean heavier market access requirements?
AIA, with other risk-based regulations, involves a whole set of transparency obligations (documentation, pre-market declaration of the high-risk AI system…) and risk monitoring throughout the product’s life cycle.
However, the AIA itself (art. 8§2) allows that the required documentation can be merged or included in the already existing documentation for the MD market access authorisation procedure.
This applies amongst others to:
- The technical documentation required by Article 11 of the AIA
- The conformity assessment procedure provided for in Article 43 of the AIA
- The CE marking of Article 48 of the AIA
Will the AIA impact the development of an AI medical device?
AI medical devices do not fall within the scope of the AIA when they are developed and/or used solely for scientific research purposes, with no commercial objective (art. 2§6 of the AIA), as well as research, testing and development of the AI system before they are placed on the market or put into service (art. 2§8 of the AIA). This provision ensures that innovation and the development of experimental or innovative AI models are not hindered. However, the AIA applies to tests carried out “under real world conditions”, i.e. when real data is collected to verify the functioning of the AI system, “without prejudice to Union or national law on the testing in real world conditions of high-risk AI systems related to products covered by Union harmonisation legislation” (art. 60 of the AIA). Therefore, the provider of the AI medical device should, in addition to the clinical investigation procedure or the MD performance study, be mindful of the further obligations provided for by the AIA. Furthermore, the AI provider should not neglect the importance of the GDPR and other data and cybersecurity related regulations during the development, test and commercialisation phases of its AI medical device.
Conclusion
The AIA impacts the legal requirements for medical devices by introducing a comprehensive framework that addresses the specific risks associated with AI technologies. The interplay between the AIA and MDR ensures that AI medical devices are subject to comprehensive risk assessments, enhancing safety and transparency. The collaboration between the Artificial Intelligence Board and the Medical Device Coordination Group, as evidenced by their joint guide, provides clarity on how these regulations intersect, particularly for high-risk AI systems. This regulatory synergy streamlines market access requirements without affecting innovation with an overall pragmatic approach on AI development by allowing the integration of AI Act documentation with existing MDR documentation and providing a sandbox framework in which many tests and development can be conducted.
Moreover, both regulations, together with GDPR contribute to ensuring that AI medical devices maintain high standards of safety, performance, and privacy protection.
