AI in healthcare: the guide for care providers and manufacturers
Healthcare AI touches three regimes at once: the AI Act (high-risk), the MDR for medical devices, and data law (GDPR and the European Health Data Space). This guide brings together what applies to care providers and manufacturers and where to start.
Short answer: AI in healthcare rarely falls under a single rule. You face the AI Act (healthcare AI is often high-risk), the MDR when the AI is a medical device, and data law, both the GDPR and the European Health Data Space (EHDS). This guide brings the files together.
What it comes down to
For care providers and manufacturers the regimes stack: a diagnostic AI system is at once a medical device (MDR), a high-risk AI system (AI Act) and a processor of special-category personal data (GDPR/EHDS). The art is to combine them into one track, not three.
The files at a glance
- AI in healthcare: the AI Act and the MDR - the overview: the dual qualification and how the regimes connect.
- AI as a medical device: the dual conformity - how to combine the MDR and AI Act assessment via one notified body.
- The European Health Data Space (EHDS) - access to and reuse of health data, and the backbone of trustworthy healthcare AI.
Where to start
Determine the qualification of your system (medical device, Annex III, or both), combine the conformity routes, and arrange the data basis (GDPR, EHDS) with a DPIA. The free AI Act scan shows which AI obligations affect you, with every result traceable to its source.
Sources
- https://eur-lex.europa.eu/eli/reg/2024/1689/oj
Regulation (EU) 2024/1689 (AI Act): high-risk AI in regulated products (Annex I) and in healthcare.
Read next
AI in healthcare: the AI Act and the Medical Device Regulation (MDR)
Medical AI often falls under two regimes at once: as a medical device under the MDR (CE marking) and as high-risk AI under the AI Act (Annex I). The regulations align the conformity assessment as far as possible. Health data is also special-category personal data under the GDPR.
AI as a medical device: the dual conformity (MDR + AI Act)
If your AI is a medical device, it must meet both the MDR (clinical evaluation, CE) and the AI Act (high-risk requirements). The regulations are meant to run together through a single conformity assessment and one notified body, not two separate tracks.
The EU declaration of conformity under the AI Act (Article 47)
The EU declaration of conformity is the written statement by which the provider itself confirms that a high-risk AI system meets the AI Act. Article 47 sets out its content, language and retention; the provider bears full responsibility for it.