For healthcare firms involved in the spaces of software-as-a-medical-device (SaMD), or digital devices and artificial intelligence (AI) devices, compliance with the European Union’s AI Act (EU AI Act) is not a “cause for panic.”

Speaking at the Outsourcing Clinical Trials (OCT) Medical Devices 2025 conference, taking place in Munich, Germany on 28-29 January, Stephen Gilbert, professor of medical device regulatory science at the Dresden University of Technology, stated that with respect to the EU AI Act, anyone already involved in compliance efforts for the EU Medical Device Regulation (MDR) could expect “more of the same.”

The AI Act was passed in the European Parliament on 13 March 2024, approved by the EU Council on 21 May 2024, and entered into force on 1 August 2024. It aims to serve as a risk-management system designed to identify, evaluate, and mitigate the potential risk AI systems may pose to health, safety, or fundamental rights such as privacy and data protection.

While various deadlines for compliance with the Act exist for the medical device space, Gilbert stated that the vast majority of medical devices that come under the Act’s annex one product safety component, where companies need to have a Notified Body to assess devices’ conformity to the Act, will be 2 August 2027.

Describing it as an “interesting type of Act” that blends product legislation, product control legislation, and performance assessment with human rights-adjacent legislation, Gilbert noted that the regulation’s concept is that it works together with the MDR and could be summarised as one intended to ensure “rights, fairness, and respect for human rights.”

“At a high level, new transparencies required under the Act relate to safety, which was already there in the EU’s Medical Device Regulation (MDR), and a more explicit focus on fairness.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

“If you’re doing machine learning (ML), deep learning, large language models (LLMs), using convolution neural networks, or doing anything in the transformer space, and your product is Class IIa or higher, you’re definitely under the AI act.

“If you’re not Class IIa or higher, you’re almost certainly not,” added Gilbert.

Similar to complying with the EU MDR, the same Notified Bodies can be used for conformity assessment under the AI Act.

“If you were already bringing or preparing to bring an AI based software through the MDR, it’s not fundamentally different, except there’s more emphasis on data transparency,” said Gilbert.

For those with medical devices that include, for example, a machine learning component, as with their compliance mandates to the MDR, their preparations are not going to be particularly different.

Gilbert said: “Effectively, it’s more of the same…it’s [AI Act compliance] the same process.”

“That is not to say you should not prepare early. There will be new standards and guidance and you need to build these into your quality management processes as they appear – start today, see it as an evolution rather than a revolution of what you have been doing under MDR. 02 August 2027 is not that far in the future.”