
AI Act

What changes for medical software and how we are preparing for the future

Artificial Intelligence is revolutionizing the world, and the healthcare sector is no exception: from diagnostic imaging to hospital logistics management and robotics, algorithms now offer unprecedented support to medical staff. However, since these technologies directly impact human health, safety and reliability are non-negotiable requirements. It is precisely within this context that the AI Act (EU Regulation 2024/1689) comes into play—the first universal law on Artificial Intelligence approved by the European Parliament.

What exactly does this regulation entail, and what will be its impact on the MedTech sector?

The Main Actors of the AI Act

Under the AI Act, the provider (the entity that develops and places the system on the market) and the deployer (the entity using the system under its authority) both carry distinct responsibilities.

The Provider must guarantee the AI’s compliance with legal requirements, prepare technical documentation, implement a quality management system, and perform a conformity assessment before release.
The Deployer must exercise appropriate human oversight over the AI’s operation, monitor system performance, report serious incidents to the provider and market surveillance authorities, and conduct a Fundamental Rights Impact Assessment (FRIA) before putting high-risk AI systems into service.

The risk-based approach: where does medical software fit in?

The AI Act was not created to penalize or restrict innovation, but to regulate it based on the potential risk an AI system can pose to citizens’ rights and safety. The legislation maps technology across 4 risk levels, ranging from “unacceptable” to “minimal.”

For those developing healthcare technologies, the focus is squarely on the High-Risk category.

The European Union requires these systems to comply with strict standards, including:

  • Constant Human Oversight: The algorithm must serve as a supporting tool, but the final word always belongs to the physician.
  • Traceability and Transparency: AI decision-making processes must be documented and explainable.
  • Data Quality and Cybersecurity: Models must be trained on high-quality datasets to avoid bias (systematic errors) and must be protected against cyberattacks.

This regulation represents a fundamental safeguard for both doctors and patients, outlining a clear regulatory framework within which technological innovation can thrive while respecting ethical and safety standards.

Compliance and Penalties

Compliance with the AI Act is a binding requirement for placing AI systems on the market and putting them into service. Violations concerning high-risk devices expose organizations to heavy financial penalties, up to 3% of their annual global turnover. Consequently, it is vital for both MedTech industry players and purchasing hospital institutions to promptly initiate relevant audit and alignment procedures.

Toward the future: O3 Enterprise’s commitment

The main upcoming deadlines for the AI Act are:

  • August 2, 2026: Registration and technical documentation obligations come into effect, which include the fundamental rights impact assessment.
  • November 2026: Labeling obligations will kick in to clearly identify content generated or manipulated by AI.
  • August 2, 2027: Full compliance will be mandatory for AI systems already on the market and classified as high-risk, alongside the application of the remaining provisions.

As a distributor of artificial intelligence algorithms, O3 Enterprise is actively working to ensure that its applications meet both the requirements of the MDR (EU) 2017/745 and the principles of the AI Act (EU) 2024/1689, making its solutions AI Act Ready.

We consider technological ethics to be one of the core pillars of our daily work: our goal is to continue providing healthcare professionals with efficient tools while guaranteeing healthcare facilities total legal compliance, maximum data protection, and patient safety.