Hospital Procurement Expectations Outpace AI Regulation for Medical Device Manufacturers

health news

As AI becomes embedded in medical technologies, manufacturers should prepare to demonstrate AI governance alongside cybersecurity

SCHAUMBURG, Ill., July 2, 2026 /PRNewswire/ — Medical device manufacturers are entering a new procurement landscape where demonstrating cybersecurity and responsible AI governance may soon become as important as regulatory approval, according to DQS, a global provider of auditing and certification services.

Based on its work auditing organizations against standards including ISO 27001 and ISO 42001, DQS says customer procurement expectations are evolving faster than regulations, creating a new reality for manufacturers developing AI-enabled medical technologies. Organizations that wait for formal mandates before strengthening AI governance risk falling behind customer expectations.

“Medical device manufacturers already prepare for regulatory approval,” said Dr. Yuan Li, Director of Medical Business at DQS. “Soon, they’ll also need to prepare for procurement approval. Healthcare organizations want confidence that connected devices and AI-enabled technologies are secure, reliable, and responsibly governed before they reach patients.”

Cybersecurity has become a baseline expectation throughout much of the healthcare supply chain. Hospitals and healthcare systems routinely evaluate vendors’ information security practices during procurement, making certifications such as ISO 27001 an important differentiator.

As artificial intelligence becomes embedded in medical devices, however, the conversation is expanding beyond cybersecurity. Manufacturers are increasingly being asked by hospitals and healthcare organisations not only how they protect systems and data, but also how they govern the AI models themselves, particularly for AI-powered diagnostic, monitoring and clinical support technologies. ISO/IEC 42001 provides a framework for establishing and continually improving a management system to govern AI responsibly.

“Cybersecurity remains foundational, but AI introduces risks that traditional information security frameworks were never designed to address,” said Li. “While 27001 helps organizations manage information security, AI-enabled technologies require additional governance around issues such as model oversight, bias, transparency, human accountability and lifecycle management. This is what 42001 does.”

ISO 42001 is not currently required for most medical device manufacturers, but DQS believes market expectations will drive adoption ahead of regulatory mandates. Recent cyber incidents affecting medical technology organizations further highlight how operational disruptions can extend well beyond IT systems, delaying product availability, interrupting care delivery and impacting patients. According to DQS, these events reinforce the need for organizations to view cybersecurity and AI governance as business priorities rather than compliance exercises.

“Those that prepare now will be better positioned as customer expectations evolve,” Li said. “Companies that wait for explicit requirements may find procurement expectations have already moved ahead.”

As AI adoption accelerates across healthcare, DQS encourages manufacturers to begin evaluating AI governance alongside their existing quality, cybersecurity and risk management systems to remain competitive.

About DQS
DQS is one of the world’s leading certification bodies, providing auditing and certification services for management systems and processes across industries including healthcare, manufacturing, information security, sustainability and artificial intelligence. With decades of experience helping organizations demonstrate quality, security and operational excellence, DQS supports customers navigating evolving global standards, including ISO/IEC 27001 and ISO/IEC 42001.

Cision View original content:https://www.prnewswire.com/news-releases/hospital-procurement-expectations-outpace-ai-regulation-for-medical-device-manufacturers-302816974.html

SOURCE DQS

Iframe sync
error: Content is protected !!