§01
How NMPA classifies AI medical devices
AI-enabled medical devices fall under CMDE's software guideline framework, with additional AI-specific technical review principles. Risk classification follows traditional Class II / Class III logic, but AI-specific evidence on data, algorithm, and clinical performance is layered on top. Most diagnostic AI ends up Class III · the high-risk track with the longest review.
- Algorithm filing · the model architecture, training scope, and intended population are part of the registration record.
- Chinese-population validation · regulators expect performance evidence on local data, not only foreign cohorts.
- Locked-model default · adaptive behaviour after registration triggers re-filing, not a PCCP-style envelope.
- Clinical evaluation guidance for AI-aided detection (2023) sets specific expectations on reader studies and reference standards.
§02
Where NMPA diverges from FDA/EU
The instinct to reuse a 510(k) or MDR dossier breaks down quickly. NMPA wants its own algorithm description in Chinese, its own validation on Chinese patients, and its own change-control discipline that assumes the model is locked at registration. Predetermined change control as the FDA frames it does not have a clean analogue.
§03
Cybersecurity and software guidelines
NMPA's medical device cybersecurity expectations align broadly with IMDRF principles, secure design, vulnerability management, post-market patching, but reference Chinese national standards (GB/T) and the Cybersecurity Law / Data Security Law / PIPL stack for data handling. Cross-border data transfer of training and post-market data is a live, evolving constraint.
§04
Practical posture
Treat NMPA as a distinct market with a distinct dossier, not a translation exercise. Plan local clinical evidence early, lock your model for the Chinese registration, and budget for a separate post-market change pathway. Most surprises in this market come from assuming convergence that is not there.