EU draft guidelines sharpen high-risk AI classification for medtech and digital health

The European Commission has published draft guidelines under article 6(5) of the EU Artificial Intelligence (AI) Act that translate the high-risk AI classification framework into a structured interpretive document. Released for consultation until 23 July, the draft does not introduce new obligations but it signals, through concrete examples, how regulators are likely to apply high-risk AI classification rules to the diverse AI use cases that medtech, digital health and pharmaceutical companies are developing and deploying. 

Medical device AI 

Regulation (EU) 2017/745 on medical devices (MDR) and Regulation (EU) 2017/746 on in vitro diagnostic medical devices (IVDR) are both expressly listed in annex I of the AI Act. This means that AI systems qualifying as safety components of, or themselves constituting, MDR- or IVDR-regulated products requiring third-party conformity assessment are high-risk AI under the EU AI Act. The draft guidelines acknowledge that sector-specific guidance for medical devices may follow and do not provide an exhaustive list of AI systems qualifying as high-risk AI. Further modifications on the interplay between MDR, the IVDR and the AI Act may come under the recent draft EU medtech rules. 

A substantive clarification in the draft guidelines relating to annex I of the AI Act is that a manufacturer's choice of conformity assessment module does not affect high-risk AI classification. The decisive factor is whether the product is subject to enhanced regulatory scrutiny under the relevant sectoral legislation, not which procedural route the manufacturer selects. This principle extends to the conditional form of Module A, as defined in Decision 768/2008/EC and available under certain sectoral laws on condition that harmonised standards published in the Official Journal are applied, which the guidelines treat as an equivalent mechanism to a third-party conformity assessment for classification purposes.

In practice, this point lands differently in medtech than in sectors such as toys or machinery where Module A is a genuine option: the MDR and IVDR require notified body involvement for all but Class I non-sterile, non-measuring devices. The clarification seems therefore to operate at the margins of the medtech context. Even for Class I medical device software, where self-certification is theoretically available, it cannot be used to argue out of high-risk AI status: neither the MDR nor the IVDR provides for Module A or the mandatory application of harmonised standards as a condition of self-declaration. That said, the scope of what constitutes an MDR- or IVDR-regulated product subject to notified body review may itself shift if proposed upgrades to the classification rules for medical device software are adopted.

Clinical biometrics 

Among he biometrics use cases in annex III of the AI Act, biometric categorisation under point I(b) carries a broad reach in life sciences contexts. The draft guidelines classify as high risk any AI system that categorises natural persons according to sensitive or protected attributes inferred from biometric data – and those attributes include health data captured by the General Data Protection Regulation. 

The draft provides an example that could speak directly to life sciences developers: an AI system that captures patients' gait, infers health data, and assigns individuals to categories reflecting early or advanced stages of disease is expressly cited as high-risk. The guidelines confirm that biometric data extends to behavioural biometrics including electrocardiograms (ECG), electroencephalography, or EEG, heartbeats and eye tracking. AI tools processing physiological signals to stratify patients by disease stage or severity (whether for Parkinson's progression monitoring, dementia detection, cancer staging or chronic disease risk stratification) merit careful analysis under this use case, wherever biometric data constitutes the input and a health-related category the inferred output.

The draft equally covers digital biomarker and phenotyping tools used in research. Research-phase AI systems that monitor or stratify study participants using biometric signals would not benefit from any research carve-out: classification follows the intended purpose, which the guidelines assess across all documentation, marketing materials and instructions for use, not solely the study protocol framing. Incorporating a clinician review step into deployment does not affect high-risk classification under article 6(2): human oversight is a compliance prerequisite once a system is classified as high risk, not a route around that classification.

Separately, the remote biometric identification use case provided in annex III's point I(a) is also relevant for hospital or clinic access management systems that passively identify patients or staff using facial recognition against a stored database. It also carries potential relevance for clinical study monitoring platforms that identify participants at dosing visits through camera-based recognition without requiring active credential presentation.

Notably, the draft guidelines clarify that where several AI systems form part of a more complex system, such comprehensive AI system may be treated as a single system under the EU AI Act for the purpose of high-risk classification. Consequently, where one module of such a system is intended to be used for a use case listed in annex III, the entire AI system will be classified as high risk, not just the particular component. 

Emergency triage 

Annex III further captures AI systems intended to evaluate emergency calls, dispatch emergency first response services, or triage emergency healthcare patients; an area where, as the AI Act's reach into European healthcare has made clear, the stakes for life sciences businesses extend well beyond traditional device regulation. An AI system that prioritises patients in an emergency department, even without performing clinical assessment in the formal sense, is expressly cited as high risk. A mental health crisis triage chatbot that assesses urgency and directs intervention responses could, similarly, be in scope. Tools used to manage medical appointments, patient identification systems and transcription tools for emergency calls are explicitly excluded.

The most consequential aspect of the draft's treatment of this use case is its clear statement on the relationship between the MDR and the AI Act. 

Where a triage tool also qualifies as a medical device under the MDR, it faces compliance obligations under both frameworks in parallel: the article 6(1) route and the article 6(2) route run concurrently, not as alternatives. Clinical decision support software for emergency acuity stratification that meets the MDR's definition would therefore have to satisfy both the MDR's conformity requirements and the AI Act's high-risk obligations, including on data governance, technical documentation, human oversight and registration. 

The guidelines expressly cite, at section 3.5.6 of the annex III chapter, an AI system used in an emergency department to prioritise patients, without performing clinical assessment, as a confirmed high-risk example under point 5(d). Where a module or version of that system goes further and provides additional clinical guidance for the benefit of individual patients, such that it is likely to meet the MDR's definition of medical device software, both frameworks may apply concurrently rather than as alternatives.

The interaction between the AI Act and the medical device framework has been a defining challenge for medtech developers, and the draft formalises rather than resolves that complexity.

Health insurance risk tools

Point 5(c) of annex III classifies as high risk those AI systems intended for risk assessment and pricing in relation to natural persons in the context of life and health insurance. The draft guidelines extend the use case beyond standard policies to cover private long-term care insurance, personal pension products (in so far as these significantly affect a person's livelihood in old age), and credit life insurance. Either risk assessment or pricing appears to be sufficient to trigger classification; an AI system does not need to perform both.

A potential consequence of the draft's horizontal guidance on intended purpose is that health risk stratification or predictive analytics tools whose outputs reach insurance underwriting workflows could fall within scope, even where that is not the provider's primary commercial purpose: where such uses are reasonably foreseeable and not explicitly excluded across documentation, promotional content and terms of service, the draft treats them as part of the system's intended purpose. The draft does not address this scenario directly in the context of point 5(c), but the principle applies across sectors.

Osborne Clarke comment

The draft guidelines are not binding, and their final form will depend on consultation outcomes and the European AI Board review. Their practical significance lies in the detail: the Commission's choice of examples signals how market surveillance authorities are likely to approach classification once the high-risk obligations of the AI Act apply. The Digital Omnibus on AI, once adopted following the political agreement in May, will extend the compliance timeline for high-risk obligations: annex III obligations shall apply from December 2027 and annex I from August 2028. However, those extended horizons do not reduce the value of early engagement.

The draft's consistent message, whatever the use case, is that intended purpose drives classification and that broad or loosely scoped product positioning can draw AI tools into high-risk territory regardless of how the developer characterises the system internally. Companies developing patient stratification tools, clinical decision support software, or health risk analytics platforms, and more broadly any business whose AI systems interact with insurance or clinical decision workflows, may find it worthwhile to review how intended purpose is characterised across their full range of materials. 

Where the purpose of an AI tool is modified by the company deploying it, that company may take on developer-level obligations under the AI Act, including the full suite of high-risk AI obligations.

Those active in this space may also wish to treat the consultation period as a genuine engagement opportunity: the draft leaves several scenarios open where industry input could usefully shape the final text, including the reach of the insurance use case and the interaction between AI Act conformity obligations and how technical and clinical standards are converging for AI in medical devices.

Businesses wishing to explore how the draft guidelines interact with their specific product portfolio or considering whether to submit a response before the 23 July deadline may find it useful to discuss the classification questions with specialist advisers. Osborne Clarke's digital health and AI regulatory teams advise across both the AI Act and the MDR/IVDR frameworks and would be pleased to assist.