a
.
    Most SaMD to be reclassified as MDR Class 1
    Feb 19, 2026 | ISO 13485
    Most SaMD to be reclassified as MDR Class 1
    5:10

    Canva Design DAHBkcbhE4s-1

    The proposed EU MDR changes for Software as a Medical Device (SaMD) will be revolutionary.

    And will be a relief for SMEs, University spin-offs, and Start-Ups, for whom a 6-figure buy-in for Notified Body services has been an insurmountable barrier. Currently, Europe-based developers of SaMD and those in other locations are avoiding the EU market and initially launching their products in the USA and the UK, where market-entry costs are much lower. The result is that European citizens who would benefit from these products are deprived of access to them.

    This news has lain unnoticed since it entered the public domain in December 2025. Most attention has focused on an overall reduction in the burden of engaging a Notified Body and obtaining CE Marks for medical devices sold in the European market.

    Here's the good news…

    The European Commission published a formal proposal on December 16, 2025, to revise the Medical Device Regulation (MDR), specifically targeting the "notorious" Rule 11. This proposed amendment aims to streamline software classification by adopting a more proportionate, risk-based approach aligned with international standards.

    As a result, the vast majority of SaMD products will be classified as Class 1; Notified Body services will not be required, and manufacturers will issue CE Mark certificates of conformity via self-declaration.

    Key Changes to Rule 11

    The proposed revision reverses the current logic under which almost all software is up-classified to Class IIa or higher.

    • Class I as the Starting Point: Under the new draft, software intended to confer a clinical benefit is classified as Class I by default.
    • Risk-Based Escalation: Software is only "up-classified" if it meets specific criteria based on the clinical situation's severity and the significance of the information provided:
      • Class III: For "critical" situations where an output error could cause death or irreversible health deterioration.
      • Class IIb: For "serious" situations involving risk of serious deterioration or surgical intervention or driving management in critical situations.
      • Class IIa: For "non-serious" situations or informing management in serious/critical scenarios.
    • International Alignment: The wording is intended to align closely with the International Medical Device Regulators Forum (IMDRF) framework for Software as a Medical Device (SaMD).

    Wider Regulatory Impact

    • Lowered Barriers for Innovation: By potentially allowing more digital health applications (DiGAs) and low-risk tools to remain in Class I, the revision aims to reduce the administrative burden and costs of involving Notified Bodies.
    • EU AI Act Interaction: The proposal may clarify and potentially reduce the number of AI-enabled medical devices deemed "high risk" under the EU AI Act, avoiding duplicative conformity assessments.
    • Cybersecurity & Transparency: The draft integrates explicit cybersecurity requirements into the General Safety and Performance Requirements (GSPR), requiring manufacturers to report vulnerabilities to ENISA.

    Current Status and Timeline

    • Legislative Process: The proposal is currently in the early stages of the European legislative process and must be reviewed and adopted by the European Parliament and Council.
    • Effective Date: Experts do not expect these changes to take effect until 2027 at the earliest, as the amendment process typically spans several years.

    Meanwhile, until formally adopted, the current, stricter Rule 11 remains in full effect. Manufacturers are advised against prematurely changing existing compliance plans.

    Note: A detailed and informed review of all proposed changes to EU MRD/IVDR can be found on the Lexology website.

    Related Courses

    ISO 13485 Internal Auditor Course summary ISO 13485 Internal Auditor
    Est Duration: 12 hours
    Price: $530
    ISO 13485 Lead Auditor Course summary ISO 13485 Lead Auditor
    Est Duration: 36 hrs
    Price: $1,590
    ISO 13485 Lead Implementer Course ISO 13485 Lead Implementer
    Est duration: 30 hrs
    Price: $1,325
    ISO 13485 Consultant and Lead Auditor Course Summary ISO 13485 Consultant and Lead Auditor
    Est Duration: 36 hrs
    Price: $1,850
    ISO 13485 Internal Auditor Extension Course Summary ISO 13485 Internal Auditor Extension
    Est Duration: 8 hrs
    Price: $355
    See 1 More Course

     

    deGRANDSON Global is an ISO-Certified Educational Organization

    InISO Compound Logo-2-1 - compressed October 2021, we secured certification for three education-related ISO Standards.  As a result, we now have a university-grade management system that conforms to the requirements of …

    • ISO 21001, Educational Organizational Management System,
    • ISO 29993, Learning Services outside formal Education,  and
    • ISO 29994, Learning Services – additional requirements for Distance Learning.

    We have chosen ISO 21001 certification because, unlike IRCA and Exemplar badges (which we believe are commercially compromised), it is based on an independent third-party assessment.  In addition, it is a 'university grade' standard used globally by schools, colleges, and universities to demonstrate competence.

    We offer Certified Courses for ISO 9001, ISO 13485, ISO 14001, ISO 17025, ISO 27001, ISO 45001, Data Protection, and Risk Management.

     

    Written by Dr John FitzGerald

    Director & Founder of deGRANDSON Global. Spent 15 years in the manufacturing industry and 25 years training, consulting & auditing management systems
    Find me on:

    Related Articles…

    ISO 13485 Risk Evaluation in Medical Devices explained

    QMSR & ISO 13485: On 02-Feb-26, the FDA Final Rule comes into force. The amendments incorporate by reference (and so align more closely with) the international standard ISO 13485:2016, Medical Devices - Quality Management Systems - Requirements for regulatory purposes. Two distinct and different requirements in ISO 13485:2016 for the ... Continue reading

    Cybersecurity for Medical Devices

    QMSR & ISO 13485: On 02-Feb-26, the FDA Final Rule comes into force. The amendments incorporate by reference (and so align more closely with) the international standard ISO 13485:2016, Medical Devices - Quality Management Systems - Requirements for regulatory purposes. Did you know that cybersecurity is addressed in ISO 13485:2016, ... Continue reading

    Last Modified: February 19, 2026

    Subscribers get a 10% Discount

    MONTHLY OFFER
    Get 25% off on all ISO 45001 Courses in February
    SALE
    ISO 45001 Internal Auditor Course summary View ISO 45001 Internal Auditor
    Est duration: 14 hrs
    USD 620
    USD 465
    SALE
    ISO 45001 Lead Auditor Course summary View ISO 45001 Lead Auditor
    Est duration: 30 hrs
    USD 1325
    USD 994
    SALE
    ISO 45001 Lead Implementer Course summary View ISO 45001 Lead Implementer
    Est duration: 24 hrs
    USD 1060
    USD 795
    SALE
    ISO 45001 Consultant and Lead Auditor Course summary View ISO 45001 Consultant and Lead Auditor
    Est duration: 36 hrs
    USD 1590
    USD 1193
    SALE
    ISO 45001 Internal Auditor Course Extension summary View ISO 45001 Internal Auditor Extension
    Est duration: 8 hrs
    USD 355
    USD 266
    See 4 more courses

    Sale valid until February 28, 2026 BST

    Posts by Tag

    See all
    Already enrolled? YOUR LESSONS ARE HERE!

    Courses

    FAQs

    Other Information

    Contact Information

    • deGRANDSON Global UK
    • Adamson House, Towers Business Park, DIDSBURY M20 2YY
    • info@degrandson.com

     

    © 2026 · deGRANDSON Global.