Risk Pyramid: Assessing AI Compliance for Medical Devices

DIA Europe: Assessing AI Compliance in Medical Devices

At the recent DIA Europe 2025 conference held in Basel, Switzerland, experts discussed the implications of the EU’s Artificial Intelligence Act for medical device manufacturers. A significant focus was placed on using a risk pyramid to determine how a medical device is classified and whether it requires a conformity assessment by a notified body.

The Risk Pyramid Explained

According to regulatory strategy specialists, the risk pyramid is pivotal for understanding whether a device is classified as high-risk. The pyramid categorizes AI applications based on their potential risks, ranging from minimal-risk devices at the base to unacceptable-risk systems at the apex. Systems classified as unacceptable risk, which include harmful AI-based manipulation or social scoring, are prohibited under the act.

Medical devices leveraging AI-embedded software for diagnosis or detection of abnormalities are considered high-risk and necessitate assessment by a notified body. On the other hand, devices categorized as limited-risk do not diagnose or detect abnormalities but must still comply with specific transparency obligations under the AI Act.

Implementation Timeline

The AI Act officially came into effect on August 1, 2024, and will begin to apply to products with high-risk applications from August 2, 2026. This includes medical devices classified in the Class IIa category or higher. A broader application of the regulations is anticipated by August 2, 2027, with full implementation expected by December 31, 2030.

Regulatory Requirements for High-Risk AI Systems

Manufacturers of high-risk AI systems must adhere to several stringent requirements prior to placing their products on the market. These include:

  • Conformity Assessment: A thorough evaluation of the AI system must be conducted.
  • Labeling Requirements: Products must display essential information, including the manufacturer’s name, registered trade name, trademarks, contact address, and CE marking.
  • Risk Management Teams: Teams should be established to assess the AI system throughout its lifecycle.
  • Technical Documentation: Manufacturers are required to maintain comprehensive records regarding the AI system’s performance and safety over time.

Experts emphasized that while the AI regulations may be novel, the integration of AI into medical devices has been in practice for some time. The transition to compliance is largely seen as an administrative exercise focused on organizing the necessary documentation.

Future of AI in Medical Technology

As the industry prepares for a new wave of applications utilizing advanced AI tools, the emphasis on non-invasive technologies to diagnose diseases is evident. For instance, a notable application is the LiverMultiScan software, which has received both FDA clearance and EU CE marking. This software serves as a non-invasive alternative to liver biopsies, using algorithms to assess liver health through MRI scans.

Such advancements highlight the significant role of AI in transforming medical diagnostics, offering more accurate and less invasive options for patients.

As the landscape evolves, manufacturers are urged to stay informed and ready for the compliance challenges that lie ahead under the EU’s AI regulations.
