MedTech Europe has called for the urgent clarification of a proposed artificial intelligence regulation because it uses an overly broad definition and is misaligned with existing regulatory frameworks.
The European Commission outlined its plans to regulate AI, including medical devices and in vitro diagnostics that feature the technology, earlier this year. Under the proposal, the European Union would require high-risk AI systems to “comply with certain mandatory requirements” before coming to market. The Commission acknowledged a risk of overlap with existing regulations but envisioned the framework complementing requirements such as the Medical Devices Regulation.
However, MedTech Europe contends the proposal falls short of that vision. In feedback to the Commission, the EU medtech trade group highlighted multiple examples of perceived “misalignment” between MDR and IVDR and the Artificial Intelligence Act (AIA). MedTech Europe sees the misalignments having serious consequences.
“There are concerns that the AIA would in effect create the need for manufacturers to undertake duplicative certification/conformity assessment, via two Notified Bodies, and maintain two sets of technical documentation, should misalignments between AIA and MDR/IVDR not be resolved. Duplication of this kind would lead to unnecessary overlaps in the regulatory approval of AI as/in medical technology, which could have a negative effect on the timely access of citizens and patients to highly innovative and fairly priced AI medical technology in the EU,” MedTech Europe wrote.
The feedback covers a handful of specific areas in which MedTech Europe believes the regulations are misaligned. MedTech Europe’s concerns about duplicative certification stem from a “very possible scenario” it sketched out in its feedback. If a notified body that is designated for MDR or IVDR lacks AI capabilities, “the risk of needing two separate technical documentation submissions, leading to two separate conformity assessments and certifications, must be avoided.”
MedTech Europe also sees a lack of clarity about the designation of notified bodies for “AI-specific competencies,” the time required to ramp up the availability of notified bodies with AI and medtech capabilities, and the roles and responsibilities of notified bodies as areas needing clarification.
A further set of potential problems are tied to the interaction between AIA and EU rules on data protection and privacy. MedTech Europe highlighted several areas in which AIA may conflict with the General Data Protection Regulation (GDPR). One example is the AIA requirement that datasets used to train, validate and test high-risk AI systems are “relevant” and “representative.” MedTech Europe contends restrictions imposed by GDPR may make it difficult to comply with the requirement.
Risk classification is another perceived issue. As MedTech Europe sees it, AIA would put most healthcare uses of AI in its highest risk class in a “clear deviation from how medical technologies are regulated in Europe and around the world.” The deviation will cause confusion among regulators and “create additional, unnecessary complexity in the regulatory approval process,” the trade group wrote.
MedTech Europe’s expectation that medical devices and IVDs will fall into AIA’s high-risk category is underpinned by “the proposed broad definition of AI and risk classification.” The criticism of the definition follows an early response by a senior research scientist at the Flatiron Institute’s Center for Computational Mathematics, who said it “feels hopelessly vague with phrasing like ‘wide variety of methods’ and the inclusion of ‘statistical approaches’.”
Other groups have since taken shots at the proposal. The Center for Data Innovation found AIA could cost the EU economy up to €31 billion ($37 billion) over the next five years and cause investments to contract by up to 20%. The analysis found AIA will cost European businesses €10.9 billion a year by 2025. A business with a turnover of €10 million that deploys a high-risk AI system would see profits fall by 40%.
The analysis is based on the Commission’s own impact assessment and projections of the growth of AI investment in the EU. Absent AIA, the EU expects investment in AI to grow to almost €70 billion by 2025, up from €16 billion today. The Center for Data Innovation sees AIA as a major headwind to that forecast. In feedback to the Commission, the Center said that “AIA is too broad in its attempt to regulate an entire stack of technologies and applications at such an early stage in the development of AI.”
Other groups have made similar points to the Center and MedTech Europe, with the Japan Business Federation warning AIA could “hinder the appetite for investment in Europe” and Digital Poland Foundation calling the AI definition “too broad.”
However, other groups have responded more favorably. An EU mapping trade group called the proposal “a good start” and a group that works to ensure the digital world caters to young people hailed parts of AIA as “ground-breaking legislation.”
The breadth of organizations that have already responded to the proposal points to the challenges the EU will face in trying to come up with a version of AIA that works for medtech and all of the other stakeholders affected by the regulation. MedTech Europe wants more time to adapt to whatever AIA brings, arguing that at least 48 months, rather than the 24 months proposed by the Commission, are needed for “the entire ecosystem to be ready and compliant with a new regulatory framework.”