Standards Map for Connected, Intelligent Medical Devices (CIMDs)


This interactive standards mapping tool comprises the main published and in development standards that apply to Connected, Intelligent Medical Devices (CIMDs).

It is primarily aimed at software developers, device manufacturers, and enterprises to inform the responsible development and marketing of their CIMDs, although it can be used more broadly by CIMD users willing to ensure the devices they purchase or utilise respect patient safety, security, and privacy, as well as the integrity and resilience of healthcare systems. Academic researchers are also very welcome to use the tool.

What are CIMDs? CIMDs are medical devices that incorporate Artificial Intelligence (AI) software and use communication technologies and networks to transfer, manage, store, and analyze health data. These devices can be wearable or implantable, collect physiological patient data and/or provide therapeutic options (e.g., neurostimulator). They can be software-based medical devices or standalone Software as Medical Device (SaMD) or AI as Medical Device (AIaMD). The devices themselves, the digital infrastructure that supports them, and the data collected are creating the Internet of Medical Things (IoMT) – a connected infrastructure of medical devices, software applications, and digital health systems and services.

What will I find in the map? We identified three critical areas of standardisation for CIMDs, pertaining to Artificial Intelligence (AI), Cybersecurity, and Data Governance. For each of these categories you will find three additional types of standards:

– Regulatory standards and guidance documents. These are documents that further specify regulatory requirements for medical devices and digital healthcare. They are generally used to demonstrate conformity to regulatory requirements and can be mandatory.

– Principles and guidelines. These are documents that set codes of best practice, principles and guidelines pertaining to medical devices and digital healthcare. They are generally voluntary.

– General standards. These are documents that provide baseline good practice and guidance on how to implement, test, or assess digital technologies and systems pertaining to the integrity of AI systems, cybersecurity, and data governance in general, and specifically in the healthcare sector. They are mostly horizontal standards.

Authors: The Standards Map for Connected, Intelligent Medical Devices was created by Dr Andrew Mkwashi and Dr Irina Brass of the REG-MEDTECH Project at UCL, funded by the PETRAS National Centre of Excellence in IoT Systems Cybersecurity (EPSRC), in partnership with BSI (UK National Standards Body). The project team is grateful for the guidance from colleagues in the healthcare sector at BSI.

© 2022 Andrew Mkwashi and Irina Brass.
The Kumu platform was used for visualisation.
To cite, please use:
Mkwashi, A. and Brass, I. (2022) Interactive Standards Map for Connected, Intelligent Medical Devices. PETRAS National Centre of Excellence for IoT Systems Cybersecurity. Available at: