CE Marking Is Not Enough: Three Layers for Connected Medical Devices

Jul 7, 2026 | Regulatory

Image Source: original graphic by Regulatory Decoded / Paolo Vassallo
Independent Contributor
Written by: Paolo Vassallo, Regulatory Expert
On behalf of: Regulatory Decoded

If your device connects to a network and runs AI, CE marking under MDR or IVDR is only the first layer for connected medical devices. Two further EU frameworks, the AI Act and the Cyber Resilience Act, can also apply, each with obligations that go beyond what MDR requires.

This article maps what each layer demands, where they overlap, and what health tech manufacturers should act on before December 2027, with one deadline far closer than that.

What Does CE Marking Actually Cover for Connected Medical Devices?

CE marking under the Medical Device Regulation (MDR, Regulation (EU) 2017/745) or the In Vitro Diagnostic Regulation (IVDR, Regulation (EU) 2017/746) sets safety and performance requirements for devices placed on the EU market.

The conformity route depends on device class. Most Class I devices self-certify, though Class I sterile, measuring, or reusable surgical instruments need notified body involvement for those aspects. Class IIa, IIb, and III devices require a notified body assessment.

Technical documentation must cover design, risk management, clinical evaluation, and post-market surveillance.

What MDR does not systematically address: algorithmic transparency, AI-specific bias controls, and cybersecurity defined at the product level rather than the system level.

For connected devices with AI decision-support, two further frameworks fill that gap.

Does the EU AI Act Apply to Medical Devices?

Yes, in most cases where AI is involved. Under Article 6(1) and Annex I, Section A of the EU AI Act (Regulation (EU) 2024/1689), AI that is a safety component of a medical device, or is itself a device requiring notified body assessment under MDR or IVDR, is high-risk.

This is the Annex I product-legislation route. It is separate from Annex III, which lists use-case categories such as biometrics and employment and does not cover medical devices.

High-risk status triggers obligations beyond MDR. The following apply under Chapter III of the AI Act:

  • A quality management system covering the full AI development lifecycle (Article 17)
  • Technical documentation specific to the AI model: data governance, training methodology, accuracy metrics (Article 11 and Annex IV)
  • Human oversight built into the product (Article 14)
  • Transparency informing users they are interacting with AI output (Article 13)
  • Post-market monitoring with metrics for AI performance drift (Article 72)

All five sit outside MDR’s scope and require separate documentation.

A point most health tech teams miss: the AI Act conformity assessment is separate from the MDR assessment. CE marking under MDR does not satisfy AI Act obligations. Both must sit in your technical file.

There is an integration pathway. Under Article 8(2), where a high-risk AI system falls under MDR and that assessment covers the AI risks, the AI Act procedure can be integrated into the MDR procedure.

This requires explicit coordination with your notified body and must be documented in the technical file. It is not automatic.

Note: not all notified bodies accredited under MDR are qualified to assess AI Act compliance. Verify your notified body’s scope before designing your conformity route.

When do the AI Act high-risk obligations apply?

These obligations were originally set to apply from 2 August 2027, but the timeline has since moved. The Council of the EU gave its final approval to a Digital Omnibus deferral on 29 June 2026, following the European Parliament’s endorsement on 16 June 2026, pushing the compliance date for these Annex I high-risk obligations to 2 August 2028. The measure is now adopted at both Council and Parliament level and is awaiting publication in the Official Journal of the European Union, which will trigger entry into force three days later.

Does the Cyber Resilience Act Apply to Connected Medical Devices?

Not to the device itself, under the current text. The CRA (Regulation (EU) 2024/2847) applies to products with digital elements that connect to a network, but Article 2(3) excludes products regulated under MDR or IVDR.

So a fully MDR-regulated connected device sits outside the CRA today. The CRA still reaches the rest of a typical health tech portfolio. These categories remain in scope:

  • Wellness wearables and apps not classified as medical devices
  • Companion apps and standalone software sold separately from the device
  • Cloud and connectivity components supplied into the device
  • Upstream software-supply-chain components and libraries

If you ship any of these, the CRA applies to them now, independent of your MDR status.

This exemption may not last. The Commission’s Digital Omnibus proposals would remove the MDR and IVDR carve-out and bring medical devices directly under the CRA. Plan for the obligations below on that basis.

For in-scope products, the CRA adds the following to what MDR requires:

  • Secure-by-default configuration at market placement
  • A security support period of at least five years, or the expected product lifetime if shorter
  • A machine-readable Software Bill of Materials (SBOM) covering all components
  • A publicly accessible vulnerability disclosure policy
  • Active vulnerability monitoring and patching across the support period

These do not appear in MDR and cannot be met by existing clinical or safety documentation.

The most immediate obligation is Article 14: vulnerability and incident reporting to the relevant national Computer Security Incident Response Team (CSIRT) and to the EU Agency for Cybersecurity (ENISA).

This becomes enforceable on 11 September 2026, fifteen months before full CRA applicability on 11 December 2027.

The reporting timelines are tight. For an actively exploited vulnerability, manufacturers must issue:

  • An early warning within 24 hours of becoming aware
  • A full notification within 72 hours
  • A final report within 14 days of a corrective measure being available

For products in CRA scope, this applies to items already on the market, not only new launches.

Where Do the Three Frameworks Overlap?

The technical documentation for MDR, the AI Act, and the CRA shares a common core: risk management. All three require a documented risk management system, post-market surveillance, and incident response.

The most practical integration strategy is to treat cybersecurity as the foundation, whether the requirements reach you through the CRA directly or through MDR’s own security expectations.

The AI Act includes a presumption of conformity: a high-risk AI system that meets the CRA cybersecurity essential requirements is presumed compliant with the cybersecurity provisions of Article 15 of the AI Act.

Manufacturers who build cybersecurity documentation first gain partial AI Act credit and reduce the overall burden.

The SBOM also serves the AI Act’s transparency aim by identifying third-party components and libraries embedded in the AI model. One document, two compliance uses.

The opposite case creates the real problem: running MDR, the AI Act, and the CRA as three siloed workstreams produces three separate risk files that can contradict each other under market surveillance scrutiny.

What Should Health Tech Manufacturers Do Before September 2026?

The September 2026 CRA Article 14 deadline is the first hard enforcement point for in-scope products. Prioritise these actions.

Start with an in-scope assessment. Determine whether each product falls under MDR/IVDR only, the AI Act (Article 6(1) and Annex I), the CRA (network-connected and not an MDR/IVDR device), or several at once. A companion app and its parent device can land in different layers.

Then build the SBOM. Without a complete, maintained, machine-readable SBOM, meeting the 24-hour reporting window is not operationally feasible. CycloneDX is the format most widely used in embedded and firmware contexts.

Then define the internal awareness trigger. Decide who receives CVE feed alerts, who judges whether a vulnerability is actively exploited in your product, and who can authorise a notification. Document and test this workflow before September 2026.

Finally, verify your notified body’s scope. If a product needs AI Act assessment and your current body is not qualified for it, identify a qualified body now. EU notified body capacity is constrained and lead times are long.

Frequently Asked Questions

Does CE marking under MDR automatically satisfy EU AI Act requirements for medical AI?

No. MDR and the EU AI Act are separate frameworks. CE marking under MDR does not constitute conformity with the AI Act. An integration pathway exists under Article 8(2), but it requires explicit documentation and agreement with your notified body.

Are connected medical devices covered by the Cyber Resilience Act?

Under the current CRA, no. Article 2(3) excludes devices regulated under MDR or IVDR. Companion apps, wellness products, standalone software, and supplied components can still be in scope, and a proposed Digital Omnibus amendment would remove the device exemption.

When does CRA compliance become mandatory for medical device manufacturers?

For in-scope products, Article 14 reporting applies from 11 September 2026 and full obligations from 11 December 2027. MDR and IVDR devices sit outside this today, unless the proposed amendment removes the exemption.

What are the penalties for failing to meet CRA reporting requirements?

Non-compliance with the essential requirements and the Article 13 and 14 obligations can bring fines of up to €15 million or 2.5% of global annual turnover, whichever is higher. Market access for the product can also be restricted.

What classifies medical AI as high-risk under the EU AI Act?

Article 6(1) read with Annex I, Section A. AI that is a safety component of a medical device, or is itself a device requiring notified body assessment under MDR or IVDR, is high-risk. This is separate from the Annex III use-case list, which does not cover medical devices.

Conclusion

Most health tech manufacturers have a CE marking programme, fewer have an AI Act plan, and almost none have a CRA-ready vulnerability reporting process.

The three frameworks can run together, and their documentation overlaps enough to integrate if you plan for it deliberately rather than as three separate audits.

For MDR-regulated devices the CRA does not apply yet, but companion apps, standalone software, and your suppliers are in scope now, and a proposed amendment would bring the devices in.

The manufacturers in good shape over the next 18 months are those treating MDR, the AI Act, and CRA readiness as one integrated programme.

 

Author Bio

 

    Paolo Vassallo is a Senior Compliance Specialist with over a decade of hands-on experience in EMC, product safety, and global market access. He writes Regulatory Decoded (regulatorydecoded.com), where he translates complex EU and US product regulation, from CE marking and the Cyber Resilience Act to the EU AI Act, into practical engineering steps.
    References:

    Primary legislation

    Provisions cited

    • CE marking, conformity routes by device class — MDR Arts. 19–20, Art. 52, Annex VIII.
    • AI as safety component of / constituting a medical device = high-risk AI — AI Act Art. 6(1) + Annex I, Section A (lists MDR & IVDR). [Not Annex III.]
    • High-risk obligations (QMS, technical documentation, human oversight, transparency, post-market monitoring) — AI Act Chapter III, Sec. 2: Art. 17, Art. 11 + Annex IV, Art. 14, Art. 13, Art. 72.
    • AI Act / MDR integrated assessment pathway — AI Act Art. 8(2), Art. 11(2), Recital 64.
    • Notified-body scope for AI — AI Act Chapter III, Sec. 4 (Arts. 28–39).
    • CRA scope (network-connected products with digital elements) — CRA Art. 2(1), Art. 3(1).
    • CRA exclusion of MDR/IVDR devices — CRA Art. 2(3).
    • CRA requirements (secure-by-default, ≥5-yr support, SBOM, vulnerability disclosure & handling) — CRA Annex I, Part I and Part II; support period Art. 13(8).
    • Vulnerability/incident reporting to CSIRT & ENISA — CRA Art. 14; single reporting platform Art. 16.
    • Presumption of conformity (CRA cybersecurity → AI Act Art. 15) — AI Act Art. 15; CRA recitals.

    Statistics & figures

    • Reporting timelines: 24h early warning, 72h notification, 14-day final report — CRA Art. 14(2)–(4).
    • CRA Art. 14 reporting enforceable from 11 September 2026 — CRA Art. 71(2).
    • Full CRA applicability from 11 December 2027 — CRA Art. 71(2).
    • Minimum five-year support period (or expected lifetime if shorter) — CRA Art. 13(8).
    • Penalties up to €15 million or 2.5% of global annual turnover — CRA Art. 64(2).

    Note on currency of the law

    • CRA Art. 2(3) currently excludes MDR/IVDR devices; the Commission's 2025–2026 "Digital Omnibus" proposals would remove this exemption (not yet adopted, June 2026).
    • AI Act high-risk obligations for Annex I products, including medical devices, have been deferred from 2 Aug 2027 to 2 Aug 2028 following Council adoption on 29 June 2026, pending Official Journal publication.
    All content is published for informational purposes only and does not constitute medical, legal, or investment advice. For more information, see our Terms and Conditions.

    Articles that may be of interest

    Atacicept IgA Nephropathy: FDA Decision Due 7 July

    Atacicept IgA Nephropathy: FDA Decision Due 7 July

    Four days from now, the US Food and Drug Administration is due to hand down its atacicept IgA nephropathy decision, ruling on whether the experimental Vera Therapeutics drug becomes the first therapy to target both BAFF and APRIL in adults with the disease. The...

    read more
    FDA Accelerated Approval: How the Fast-Track Pathway Works

    FDA Accelerated Approval: How the Fast-Track Pathway Works

    FDA accelerated approval is one of the agency's most powerful and most debated regulatory tools. Designed to speed access to treatments for patients with serious or life-threatening conditions, it has delivered transformative therapies to those with no other options....

    read more
    AI Transparency Gap in SaMD Regulation

    AI Transparency Gap in SaMD Regulation

    Artificial intelligence is no longer on the horizon of medical device regulation — it’s already on regulators’ desks. The FDA’s iterative guidance on AI/ML-based Software as a Medical Device (SaMD), the EU AI Act’s risk classification scheme, and Health Canada’s...

    read more
    Why Europe’s Precision Oncology Trials Keep Stalling

    Why Europe’s Precision Oncology Trials Keep Stalling

    Precision medicine works when the right biomarker test reaches the right patient in time. In Europe, the regulatory plumbing is making that harder than it should be. At the 16th Clinical Biomarkers & CDx Summit in London in March 2026, I discussed lessons from MDx...

    read more

    Articles that may be of interest

    Atacicept IgA Nephropathy: FDA Decision Due 7 July

    Atacicept IgA Nephropathy: FDA Decision Due 7 July

    Four days from now, the US Food and Drug Administration is due to hand down its atacicept IgA nephropathy decision, ruling on whether the experimental Vera Therapeutics drug becomes the first therapy to target both BAFF and APRIL in adults with the disease. The...

    read more
    FDA Accelerated Approval: How the Fast-Track Pathway Works

    FDA Accelerated Approval: How the Fast-Track Pathway Works

    FDA accelerated approval is one of the agency's most powerful and most debated regulatory tools. Designed to speed access to treatments for patients with serious or life-threatening conditions, it has delivered transformative therapies to those with no other options....

    read more
    AI Transparency Gap in SaMD Regulation

    AI Transparency Gap in SaMD Regulation

    Artificial intelligence is no longer on the horizon of medical device regulation — it’s already on regulators’ desks. The FDA’s iterative guidance on AI/ML-based Software as a Medical Device (SaMD), the EU AI Act’s risk classification scheme, and Health Canada’s...

    read more
    Why Europe’s Precision Oncology Trials Keep Stalling

    Why Europe’s Precision Oncology Trials Keep Stalling

    Precision medicine works when the right biomarker test reaches the right patient in time. In Europe, the regulatory plumbing is making that harder than it should be. At the 16th Clinical Biomarkers & CDx Summit in London in March 2026, I discussed lessons from MDx...

    read more