Product type
Medical wearables & connected health: which EU regulations apply
e.g. ECG patches, continuous glucose monitors, connected blood-pressure cuffs
Body-worn or at-home devices with a medical purpose — measuring, monitoring or supporting diagnosis or treatment.
Regulations that typically apply
- MDR (mandatory)
  A medical purpose makes it a medical device; its risk class sets the conformity route and whether a Notified Body is required.
- GDPR (mandatory)
  Health data is a special category of personal data with heightened obligations.
- EMC (mandatory)
  Electromagnetic-compatibility requirements apply — under the EMC Directive, or folded into the RED for the wireless models — alongside the MDR’s own EMC expectations.
- RoHS (mandatory)
  Medical EEE is in scope of RoHS.
- RED (usually)
  Most connected health wearables transmit over Bluetooth or cellular.
- CRA (conditional)
  Devices regulated under the MDR are largely carved out of the CRA to avoid double regulation; a non-medical companion app or accessory sold alongside still falls under it.
A starting map, not a binding assessment — applicability depends on your product’s exact features and target markets.
What’s different about compliance here
For medical wearables the MDR dominates everything else: the device’s risk class decides whether you can self-declare or need a Notified Body, and software can itself be the medical device. On top of that, health data is special-category under the GDPR, so security and lawful-basis obligations are stricter than for ordinary consumer IoT. The device itself is carved out of the Cyber Resilience Act to avoid double regulation, but a non-medical companion app shipped alongside still falls under the CRA.