Skip to content

EU AI Act in Healthcare

AI systems in diagnostics, triage and treatment planning often fall under high-risk. The interplay between the EU AI Act and the Medical Devices Regulation (MDR) creates particular compliance requirements.

Updated: February 202611 min read

Why healthcare is particularly affected

AI systems in healthcare fall under the EU AI Act via two pathways:

  1. Annex III No. 2 – AI as a safety component in critical digital infrastructure, including triage and prioritisation of emergency calls
  2. Annex I (from August 2027) – AI as a safety component in medical devices (Class IIa and above under MDR)

This means: Many healthcare AI systems must fulfil both the EU AI Act requirements and the Medical Devices Regulation (MDR, Regulation (EU) 2017/745).

Typical high-risk scenarios

ApplicationAnnex III categoryAdditional regulation
Radiology diagnostics (CT/MRI analysis)Annex I (medical device)MDR Class IIa+
Triage systems in emergency departmentsNr. 2
AI-supported treatment planningAnnex I (medical device)MDR
Drug interaction checkingAnnex I (potentially)MDR/IVDR
Patient monitoring (ICU)Nr. 2 / Annex IMDR Class IIb+
Administrative AI (scheduling etc.)Usually not high-risk

Special case: MDR and EU AI Act interplay

For AI systems classified as medical devices, the following applies:

  • The MDR conformity assessment (by Notified Bodies) also covers the EU AI Act requirements (Art. 43 para. 1 EU AI Act)
  • The Technical Documentation must fulfil both MDR Annex II and EU AI Act Annex IV
  • The risk management system per ISO 14971 (MDR) must be supplemented with EU AI Act-specific requirements
  • The clinical evaluation (MDR) and the performance metrics (EU AI Act Art. 15) partially overlap

Deadline: AI in medical devices under Annex I only falls under the EU AI Act from August 2027. Autonomous AI systems in healthcare under Annex III are already covered from August 2026.

Documentation obligations for healthcare AI

For providers of high-risk AI in the healthcare sector:

  • Technical Documentation per Annex IV – with particular focus on clinical validation and bias in medical datasets
  • Transparency notice – Patients must be informed that AI is involved in decisions (Art. 13 + Art. 50)
  • FRIA – Mandatory for public healthcare institutions per Art. 27

Market surveillance in the healthcare sector

Market surveillance for AI in medical devices lies with the existing Notified Bodies and national medical device authorities (e.g. BfArM in Germany). For AI systems under Annex III (not classified as medical devices), the respective AI market surveillance authorities are responsible.

Next steps for your organisation

  1. Inventory – List all AI systems in use and in development
  2. Classification – Use the free risk check
  3. MDR review – Clarify with your Notified Body whether a medical device is present
  4. Documentation – Start with the compliance documentation

Generate compliance drafts for healthcare AI now →

Compliance drafts

FRIA, Technical Documentation and Transparency Notice – AI-generated drafts in minutes.

Generate drafts
Check now

Ready for your EU AI Act Compliance?

AI-generated compliance documents as a solid working basis for you or your lawyers.

Generate draftsFree risk check
EU AI Act in Healthcare | AIvunera