top of page
Search

MDCG Med Dev Guidance: Interplay between MDR & IVDR and the Artificial Intelligence Act

On June 19, 2025, the Medical Device Coordination Group (MDCG), in collaboration with the Artificial Intelligence Board (AIB) of the European Commission, released a comprehensive FAQ document titled MDCG 2025-6. This document is designed to clarify the interaction between three major regulatory frameworks in the European Union:

The Three Pillars:

  • MDR (EU 2017/745): Governs general medical devices.

  • IVDR (EU 2017/746): Covers in vitro diagnostic medical devices.

  • AIA (EU 2024/1689): Sets harmonized rules for AI systems, including those used in healthcare.


AI-powered medical devices—referred to as Medical Device Artificial Intelligence (MDAI)—must now comply with both device-specific and AI-specific requirements.

The MDCG 2025-6 FAQ, endorsed by the Artificial Intelligence Board (AIB) and the Medical Device Coordination Group (MDCG), provides practical guidance for manufacturers, notified bodies, and competent authorities.


When Does the AIA Apply?

  • MDAI Definition: Any software or system intended for a medical purpose that incorporates AI, including standalone software, accessories, and in vitro diagnostics1.

  • High-Risk AI Systems: Under Article 6(1) of the AIA, an MDAI is considered high-risk if:

    • It is a safety component or itself a medical device, and

    • It requires third-party conformity assessment by a notified body under MDR/IVDR1.

Key Table from the FAQ:

Device Class

Notified Body Involved?

AIA High-Risk?

MDR Class I (non-sterile, non-measuring, non-reusable)

No

No

MDR Class I (sterile, measuring, reusable)

Yes

Yes

MDR Class IIa, IIb, III

Yes

Yes

IVDR Class A (non-sterile)

No

No

IVDR Class B, C, D

Yes

Yes

Note: The AIA does not change the risk classification of a device under MDR/IVDR. Rather, the device’s classification under MDR/IVDR determines whether the AIA’s high-risk rules apply.


Key Requirements for MDAI Manufacturers

1. Management Systems

  • Lifecycle Management: Both MDR/IVDR and AIA require manufacturers to manage the entire lifecycle of MDAI, ensuring ongoing safety, performance, and compliance. This includes continuous post-market monitoring and regular updates.

  • Quality Management System (QMS): Manufacturers must implement and maintain a QMS that covers both device and AI-specific requirements. The AIA QMS focuses on aspects such as risk management, performance testing, and data governance, complementing the MDR/IVDR QMS.

2. Data Governance

  • Robust Data Practices: The AIA introduces explicit requirements for data quality, data management, and traceability, especially for training, validation, and testing datasets used in AI systems. This ensures that AI-driven decisions are reliable and non-discriminatory.

3. Technical Documentation

  • Integrated Documentation: Manufacturers are encouraged to integrate AIA-required documentation (e.g., testing, reporting, risk management) into existing MDR/IVDR technical files, minimizing duplication and administrative burden. However, full compliance with all applicable laws remains mandatory.

4. Transparency and Human Oversight

  • Explainability: The AIA mandates transparency, including clear information on the intended purpose, functioning, and limitations of the AI system. Human oversight mechanisms must be in place to ensure safe and effective use throughout the product’s lifecycle1.

5. Accuracy, Robustness, and Cybersecurity

  • Performance Standards: High-risk MDAI must meet strict requirements for accuracy, robustness, and cybersecurity, with regular updates and monitoring to address emerging risks and vulnerabilities1.

Clinical Evaluation, Conformity Assessment, and Post-Market Monitoring

  • Clinical/Performance Evaluation: MDAI must undergo rigorous clinical or performance evaluation under MDR/IVDR, supplemented by AIA requirements for AI-specific validation.

  • Conformity Assessment: For high-risk MDAI, conformity assessment involves both device and AI-specific notified body reviews. This dual scrutiny ensures comprehensive oversight.

  • Post-Market Monitoring: Continuous monitoring is essential, especially for AI systems that learn or adapt after deployment. Manufacturers must have robust systems to detect, report, and mitigate new risks


For the full document and further updates, refer to the official European Commission health site and the MDCG publications.


Comentarios

I Sometimes Send Newsletters

Thanks for submitting!

  • LinkedIn
  • Facebook
  • Twitter
  • Instagram

DISCLAIMER

The views expressed in this publication do not necessarily reflect the views of any guidance of government, health authority, it's purely my understanding. This Blog/Web Site is made available by a regulatory professional, is for educational purposes only as well as to give you general information and a general understanding of the pharmaceutical regulations, and not to provide specific regulatory advice. By using this blog site you understand that there is no client relationship between you and the Blog/Web Site publisher. The Blog/Web Site should not be used as a substitute for competent pharma regulatory advice and you should discuss from an authenticated regulatory professional in your state.  We have made every reasonable effort to present accurate information on our website; however, we are not responsible for any of the results you experience while visiting our website and request to use official websites.

bottom of page