AI Act Topical Article

How the AI Act, NIS 2, & Data Act will impact the EU medical devices regulatory landscape

Posted on by Congenius

Between August this year and September next year the regulatory environment in the EU regarding data will become more complex, as three horizontal digital EU Regulations and Directives come into force.

From 1 August 2024 the AI Act (Regulation 2024/1689) took effect, NIS 2 Cybersecurity (Directive 2022/2555) will apply from 18 October this year, and the majority of rights and obligations in the Data Act (Regulation 2023/2854) will apply from 12 September 2025.

In our trio of downloadable articles below, our Founder & Executive Board Member Jörg Dogwiler assesses the impact of these intertwined regulations and directives on medical device manufacturers. Download each free article for a useful overview of each regulation / directive including transition periods, advice on compliance as a medical device manufacturer, as well as how the new legislation relates to medical device regulations in Switzerland.

AI Act / Regulation (EU) 2024/1689

This article summarises how the horizontal EU Artificial Intelligence Act interacts with the vertical legislations EU MDR and IVDR on some key compliance topics. It outlines the four-tier model for risk classification of AI systems, as well as the regulatory considerations regarding high-risk AI systems including conformity assessment, quality management, and technical documentation.

NIS 2 (Cybersecurity) / Directive (EU) 2022/2555

This article looks at the risk management measures required by NIS 2 based on an “all-hazards approach”, and the Directive’s connection with ISO 27001 and ISO 22301, as well as the Information Security Act (ISG) that came into force in Switzerland in January this year.

Data Act / Regulation (EU) 2023/2854

This article explores the Data Act’s relevance for manufacturers of medical devices in the EU and Switzerland. It outlines an overview of the legislation including a summary of its benefits, the types of medical device data covered under the act, relevant stakeholders affected, and the implications for device design and data access. The legal framework’s interaction with the EU MDR and IVDR is also touched on, as well as some practical advice on preparing for compliance.

Should you have a medical device regulatory affairs challenge, feel free to get in touch – our team is ready and happy to help.

Related News & Knowledge

×

Get in touch

If you have a challenge that you think we could help with, please feel free to get in touch in a way that suits you best. We look forward to speaking with you!

Get in touch

×

Request
a demo

Find out more about QMgeniuS by requesting a demo.

Simply fill out your details and click “Request a demo", then a member of the team will get back to you shortly.

Alternatively, feel free to give us a call on +41 44 741 04 04 to start the conversation. We look forward to hearing from you!

    ×

    Subscribe to our
    monthly knowledge update

    Stay informed and up to date with the latest industry news delivered direct to your inbox. You can tailor your preferences to prioritise what you'd like to hear about each month; be it MedTech news headlines, fact sheet resources on the latest regulations or longer articles covering timely topics across the wider MedTech industry.

    By clicking subscribe, you are signing up to receive a monthly newsletter from us containing MedTech news, industry insights and more from Congenius. Subscribing also gives you full access to all topical content on our website. For information on how your data is managed, see our privacy policy.