The e-health reference catalogue provides an overview of mandatory and recommended standards for health and care services, as well as other requirements documents such as technical specifications. Currently, there are no mandatory or recommended standards in the reference catalogue that deal specifically with AI. However, the European Commission has asked the European standardisation organisations CEN and CENELEC (ec.europa.eu) for European standards to support the implementation of the AI Regulation. Eventually, these will also be harmonised for Norwegian conditions and included in the reference catalogue.
The European Medical Device CoordinationGroup (MDCG) is composed of national experts and the establishment of the group is regulated in the MDR (Articles 103-108). Among other things, they have published guidance on
A report published by the UK National Cyber Security Centre (NCSC) and the US Cybersecurity and Infrastructure Security Agency (CISA), among others, provides guidelines for the secure development of AI systems, and these can be used to see what a supplier can be expected to do to manage information security risks in the systems they develop: Guidelines for secure AI system development (ncsc.gov.uk)