If your device connects to a network and runs AI, CE marking under MDR or IVDR is only the first layer for connected medical devices. Two further EU frameworks, the AI Act and the Cyber Resilience Act, can also apply, each with obligations that go beyond what MDR requires.
This article maps what each layer demands, where they overlap, and what health tech manufacturers should act on before December 2027, with one deadline far closer than that.

What Does CE Marking Actually Cover for Connected Medical Devices?
CE marking under the Medical Device Regulation (MDR, Regulation (EU) 2017/745) or the In Vitro Diagnostic Regulation (IVDR, Regulation (EU) 2017/746) sets safety and performance requirements for devices placed on the EU market.
The conformity route depends on device class. Most Class I devices self-certify, though Class I sterile, measuring, or reusable surgical instruments need notified body involvement for those aspects. Class IIa, IIb, and III devices require a notified body assessment.
Technical documentation must cover design, risk management, clinical evaluation, and post-market surveillance.
What MDR does not systematically address: algorithmic transparency, AI-specific bias controls, and cybersecurity defined at the product level rather than the system level.
For connected devices with AI decision-support, two further frameworks fill that gap.
Does the EU AI Act Apply to Medical Devices?
Yes, in most cases where AI is involved. Under Article 6(1) and Annex I, Section A of the EU AI Act (Regulation (EU) 2024/1689), AI that is a safety component of a medical device, or is itself a device requiring notified body assessment under MDR or IVDR, is high-risk.
This is the Annex I product-legislation route. It is separate from Annex III, which lists use-case categories such as biometrics and employment and does not cover medical devices.
High-risk status triggers obligations beyond MDR. The following apply under Chapter III of the AI Act:
- A quality management system covering the full AI development lifecycle (Article 17)
- Technical documentation specific to the AI model: data governance, training methodology, accuracy metrics (Article 11 and Annex IV)
- Human oversight built into the product (Article 14)
- Transparency informing users they are interacting with AI output (Article 13)
- Post-market monitoring with metrics for AI performance drift (Article 72)
All five sit outside MDR’s scope and require separate documentation.
A point most health tech teams miss: the AI Act conformity assessment is separate from the MDR assessment. CE marking under MDR does not satisfy AI Act obligations. Both must sit in your technical file.
There is an integration pathway. Under Article 8(2), where a high-risk AI system falls under MDR and that assessment covers the AI risks, the AI Act procedure can be integrated into the MDR procedure.
This requires explicit coordination with your notified body and must be documented in the technical file. It is not automatic.
Note: not all notified bodies accredited under MDR are qualified to assess AI Act compliance. Verify your notified body’s scope before designing your conformity route.
When do the AI Act high-risk obligations apply?
These obligations were originally set to apply from 2 August 2027, but the timeline has since moved. The Council of the EU gave its final approval to a Digital Omnibus deferral on 29 June 2026, following the European Parliament’s endorsement on 16 June 2026, pushing the compliance date for these Annex I high-risk obligations to 2 August 2028. The measure is now adopted at both Council and Parliament level and is awaiting publication in the Official Journal of the European Union, which will trigger entry into force three days later.
Does the Cyber Resilience Act Apply to Connected Medical Devices?
Not to the device itself, under the current text. The CRA (Regulation (EU) 2024/2847) applies to products with digital elements that connect to a network, but Article 2(3) excludes products regulated under MDR or IVDR.
So a fully MDR-regulated connected device sits outside the CRA today. The CRA still reaches the rest of a typical health tech portfolio. These categories remain in scope:
- Wellness wearables and apps not classified as medical devices
- Companion apps and standalone software sold separately from the device
- Cloud and connectivity components supplied into the device
- Upstream software-supply-chain components and libraries
If you ship any of these, the CRA applies to them now, independent of your MDR status.
This exemption may not last. The Commission’s Digital Omnibus proposals would remove the MDR and IVDR carve-out and bring medical devices directly under the CRA. Plan for the obligations below on that basis.
For in-scope products, the CRA adds the following to what MDR requires:
- Secure-by-default configuration at market placement
- A security support period of at least five years, or the expected product lifetime if shorter
- A machine-readable Software Bill of Materials (SBOM) covering all components
- A publicly accessible vulnerability disclosure policy
- Active vulnerability monitoring and patching across the support period
These do not appear in MDR and cannot be met by existing clinical or safety documentation.
The most immediate obligation is Article 14: vulnerability and incident reporting to the relevant national Computer Security Incident Response Team (CSIRT) and to the EU Agency for Cybersecurity (ENISA).
This becomes enforceable on 11 September 2026, fifteen months before full CRA applicability on 11 December 2027.
The reporting timelines are tight. For an actively exploited vulnerability, manufacturers must issue:
- An early warning within 24 hours of becoming aware
- A full notification within 72 hours
- A final report within 14 days of a corrective measure being available
For products in CRA scope, this applies to items already on the market, not only new launches.
Where Do the Three Frameworks Overlap?
The technical documentation for MDR, the AI Act, and the CRA shares a common core: risk management. All three require a documented risk management system, post-market surveillance, and incident response.
The most practical integration strategy is to treat cybersecurity as the foundation, whether the requirements reach you through the CRA directly or through MDR’s own security expectations.
The AI Act includes a presumption of conformity: a high-risk AI system that meets the CRA cybersecurity essential requirements is presumed compliant with the cybersecurity provisions of Article 15 of the AI Act.
Manufacturers who build cybersecurity documentation first gain partial AI Act credit and reduce the overall burden.
The SBOM also serves the AI Act’s transparency aim by identifying third-party components and libraries embedded in the AI model. One document, two compliance uses.
The opposite case creates the real problem: running MDR, the AI Act, and the CRA as three siloed workstreams produces three separate risk files that can contradict each other under market surveillance scrutiny.
What Should Health Tech Manufacturers Do Before September 2026?
The September 2026 CRA Article 14 deadline is the first hard enforcement point for in-scope products. Prioritise these actions.
Start with an in-scope assessment. Determine whether each product falls under MDR/IVDR only, the AI Act (Article 6(1) and Annex I), the CRA (network-connected and not an MDR/IVDR device), or several at once. A companion app and its parent device can land in different layers.
Then build the SBOM. Without a complete, maintained, machine-readable SBOM, meeting the 24-hour reporting window is not operationally feasible. CycloneDX is the format most widely used in embedded and firmware contexts.
Then define the internal awareness trigger. Decide who receives CVE feed alerts, who judges whether a vulnerability is actively exploited in your product, and who can authorise a notification. Document and test this workflow before September 2026.
Finally, verify your notified body’s scope. If a product needs AI Act assessment and your current body is not qualified for it, identify a qualified body now. EU notified body capacity is constrained and lead times are long.
Frequently Asked Questions
Does CE marking under MDR automatically satisfy EU AI Act requirements for medical AI?
No. MDR and the EU AI Act are separate frameworks. CE marking under MDR does not constitute conformity with the AI Act. An integration pathway exists under Article 8(2), but it requires explicit documentation and agreement with your notified body.
Are connected medical devices covered by the Cyber Resilience Act?
Under the current CRA, no. Article 2(3) excludes devices regulated under MDR or IVDR. Companion apps, wellness products, standalone software, and supplied components can still be in scope, and a proposed Digital Omnibus amendment would remove the device exemption.
When does CRA compliance become mandatory for medical device manufacturers?
For in-scope products, Article 14 reporting applies from 11 September 2026 and full obligations from 11 December 2027. MDR and IVDR devices sit outside this today, unless the proposed amendment removes the exemption.
What are the penalties for failing to meet CRA reporting requirements?
Non-compliance with the essential requirements and the Article 13 and 14 obligations can bring fines of up to €15 million or 2.5% of global annual turnover, whichever is higher. Market access for the product can also be restricted.
What classifies medical AI as high-risk under the EU AI Act?
Article 6(1) read with Annex I, Section A. AI that is a safety component of a medical device, or is itself a device requiring notified body assessment under MDR or IVDR, is high-risk. This is separate from the Annex III use-case list, which does not cover medical devices.
Conclusion
Most health tech manufacturers have a CE marking programme, fewer have an AI Act plan, and almost none have a CRA-ready vulnerability reporting process.
The three frameworks can run together, and their documentation overlaps enough to integrate if you plan for it deliberately rather than as three separate audits.
For MDR-regulated devices the CRA does not apply yet, but companion apps, standalone software, and your suppliers are in scope now, and a proposed amendment would bring the devices in.
The manufacturers in good shape over the next 18 months are those treating MDR, the AI Act, and CRA readiness as one integrated programme.
Author Bio















