Published on July 12, Regulation 2024/1689, also known as the AI Act, establishes a comprehensive regulatory framework for AI, affecting all stakeholders, including those outside the European Union. Key Points to Remember 💡 Risk Classification: AI systems are now classified into four risk levels, ranging from unacceptable risk to minimal risk. High-risk systems, such as certain Medical Devices (MDs), will require specific measures, including human oversight and stringent technical standards. Conformity Requirements: For high-risk systems, implementing a Quality Management System (QMS) compliant with ISO 42001, developing technical documentation, and obtaining CE marking are mandatory. Crucial Deadline: Mark August 2, 2027, in your calendars, a critical date for the compliance of high-risk MDs with the AI Act.  Next Steps to Consider ➡️ Review the Complete Text of the AI Act to understand its implications for your organization. Evaluate Your AI Systems to determine their risk classification under the new regulation. Develop a Global Regulatory Strategy that integrates the General Data Protection Regulation (GDPR), the Medical Device Regulation (MDR 2017/745), and the In Vitro Diagnostic Regulation (IVDR 2017/746) to ensure comprehensive regulatory compliance. Engage a Notified Body to assess the AI aspect of your systems. Adapt Your Compliance Processes to meet the specific requirements for your AI systems. Prepare now to navigate this new regulatory era successfully!

A question we often encounter is whether it is possible to start with self-certification for a Class I Medical Device (MD) and then upgrade it to a Class IIa. Let's delve into the topic: What is the difference in classification? Class I includes, for example, MDs like Digital Therapeutics (DTx) for patient use, whereas Class IIa encompasses more complex MDs, such as diagnostic support software or telemonitoring software that includes alerts for healthcare professionals. The rationale behind the classification of an MD primarily depends on its intended use and potential risks to patients. Class I MDs are generally self-managed by manufacturers through self-certification, significantly speeding up their market entry. In some cases, it can be very advantageous for manufacturers to start with a Class I software MD to reach the market and simultaneously carry out their clinical, regulatory, and product strategy to develop and certify a Class IIa MD. Class IIa MDs undergo stricter regulatory controls due to their complexity and increased risk potential, including audits by Notified Bodies (NB). What needs to be done to update the Medical Device class? Manufacturers considering upgrading their Class I MDs to Class IIa must prepare for a substantial update to their CE marking: Technical Documentation and Quality Management System (QMS). Any significant changes in the design or intended use of the device that could influence its class must be rigorously documented. Clinical evidence must be strengthened. From a financial perspective, designing a Class IIa MD is more expensive. Indeed, a Notified Body must be approached to evaluate the MD and issue the CE marking.  Schedule an appointment with the Sparta Care team to assess the risk class of your MD and the best marking strategy to adopt!

The new Regulation (EU) 2017/745 of the European Parliament and the Council of April 5, 2017, on medical devices, requires more rigorous traceability of medical devices to increase manufacturer transparency towards patients. This requirement has led to the creation of the UDI system. The UDI system consists of several codes that manufacturers will need to enter into a new public database: EUDAMED. This system can be difficult to grasp, which is why we propose to review together the different parts of the UDI: UDI: Unique Device Identification It is represented by a barcode consisting of a static part (UDI-DI) and a dynamic part (UDI-PI). UDI-PI: A code that identifies the production of the medical device (e.g., lot number, release date, expiration date…) and thus represents the dynamic part of the UDI. UDI-DI: A code that uniquely identifies the medical device (the specific model!) and thus represents the static part of the UDI. Basic UDI-DI: A code that identifies a group of similar medical devices with variations that do not impact their basic application. Example: A remote monitoring software medical device with several variants (one variant per pathology) will have a unique Basic UDI-DI. However, each variant will have its own UDI-DI. 💡 To obtain the UDI-DI and Basic UDI-DI codes, it is necessary to contact authorized international coding bodies, such as GS1. The assignment of the Basic UDI-DI is free and can be done autonomously on the GS1 website. However, the UDI-DI is a paid service that can only be obtained after joining GS1. It is also important to note that in addition to the GS1 subscription, an additional cost is charged for each product UDI-DI requested.

D-30 before one of the deadlines of the MDR 2017/745 transition period: May 26, 2024. Initiate an evaluation request with a Notified Body. Ensure the compliance of your QMS.

A significant portion of the compliance costs in the Medical Device (MD) sector could be avoided. For more than 40% of companies, these regulatory costs are estimated to exceed 500,000 euros. Nearly 50% of these costs are actually related to what I identify as regulatory drift, often due to the lack of a clearly defined roadmap.

Obtaining the CE marking has become a real race against time. Currently, with the transition period of the European Regulation 2017/745 on Medical Devices (MDR) and the overwhelmed Notified Bodies (NBs), the time to obtain this marking extends between 12 and 18 months.