Bridging the Regulatory Gaps for AI Medical Devices: The New Layer Introduced by the AI Act

The development of AI medical devices for commercialisation carries a complex regulatory landscape. The new medical device EU regulations bring major changes in the certification of medical software compared to the previous directives. It is also necessary to analyse the application and limitations of the GDPR in the clinical evaluation of these devices for their training, validation and testing, even in scenarios where the data can be anonymised or synthetic. Furthermore, a new regulatory layer is yet to come. The future AIAct will include most of the AI medical devices as high-risk AI. Therefore, developers will also need to comply with the mandatory requirements for high-risk systems in a chaotic governance framework. This panel aims to provide developers and researchers with practical clarifications for the development of AI medical devices.

• How do the AIAct, the MDR/IVDR and the GDPR interrelate in the development of AI medical devices?
• What are the most important regulatory steps in the clinical evaluation of these systems for certification?
• How to demonstrate compliance with the AIAct’s mandatory requirements for high-risk systems through the governance routes established by the MDR/IVDR?
• What happens to medical AI systems that fall outside the medical devices regulations and therefore out of the AI Act? Will the GDPR provide remedies?