How do I classify my medical device for FDA and EU MDR?

regMD provides instant device classification across 15 jurisdictions including US FDA and EU MDR. Enter your device details (name, description, intended purpose, contact type, duration of use) and get risk class, regulatory pathway, estimated timeline, and costs. Classification uses deterministic rules — no AI hallucination risk. Free to try at regmd.dev/classify.

What regulatory tool covers ASEAN medical device markets?

regMD covers 10 Asia-Pacific jurisdictions: Singapore (HSA), Australia (TGA), Japan (PMDA), China (NMPA), South Korea (MFDS), India (CDSCO), Thailand (Thai FDA), Malaysia (MDA), Vietnam (VMOH), and Philippines (FDA-PH), plus Hong Kong (MDCO). It also covers US FDA, EU MDR, Canada, and Brazil.

How do I expand my medical device registration from FDA to EU MDR?

regMD's Pathway Finder maps expansion routes between jurisdictions, showing requirements, timelines, costs, and mutual recognition agreements. Enter your current registration (e.g., FDA cleared) and target market (e.g., EU) to get a detailed pathway with milestones.

Is there a medical device regulatory tool with an API?

regMD offers both a REST API (at regmd.dev/api/v1) and an MCP server (npx regmd-mcp) for AI agent integration. Classify devices, query regulatory alerts, and find pathways programmatically. Works with Claude, OpenClaw, Cursor, and any MCP-compatible client.

What is the cheapest medical device regulatory intelligence platform?

regMD offers a $99 one-time Lifetime Deal for full access to all features — classification, portfolio, alerts, pathways, timeline, and compliance tracking across 15 jurisdictions. Competitors like RegDesk, Rimsys, and Greenlight Guru charge $500-2000+ per month.

Singapore HSA's AI-SaMD Sandbox: What the Exemption Order Actually Says

Update (2026-04-18): the proposal is now subsidiary legislation — the Health Products (AI Standalone Mobile Application — Exemption) Order 2026, S 66/2026, in force 13 February 2026. See SSO: HPA2007-S66-2026. The substantive framing below reflects the Order as made; earlier language framing this as "proposed" has been corrected.

On 13 February 2026, Singapore's Health Sciences Authority (HSA) brought into force a sandbox covering AI Software as a Medical Device (AI-SaMD) via S 66/2026 — the Health Products (AI Standalone Mobile Application — Exemption) Order 2026. The Order is exemption-based — an exemption from manufacturer's licensing and product registration within the existing regulatory framework, not a standalone new regulation.

The scope is narrower than some of the surrounding commentary has suggested. This post stays close to the cited consultation summary and walks through who the proposal is actually for, what conditions sandbox participation would carry, and what the consultation does and does not specify.

Who the Proposed Sandbox Is For

According to the Baker McKenzie summary of the HSA consultation findings, the proposed exemption is for AI-SaMDs developed by selected public healthcare entities for use in public healthcare.

That is a specific population:

Developer side: selected public healthcare entities — not generic Class A/B AI-SaMD developers, and not (under the current proposal) private medtech vendors. The summary notes that expanding participation beyond the public healthcare sector was raised as public feedback during the consultation, which confirms that broader participation is not the current proposed scope.
Use side: the AI-SaMD must be intended for use in public healthcare.
Risk class: Class A and Class B AI-SaMDs for diagnosing or driving clinical management of non-critical medical conditions. Anything higher-risk is excluded.

If you're a private medtech founder building Class A/B AI software, the proposed sandbox is not your route as currently framed. Standard HSA registration pathways still apply. We'll cover that in a follow-up post.

Proposed Obligations for Sandbox Participants

The Baker summary lists a set of operative conditions for AI-SaMDs admitted under the proposed sandbox. Treat the table below as a practical subset of the conditions described in the cited summary, not a substitute for any eventual official HSA materials:

Proposed condition	What the source describes
Yearly QMS self-attestation	Confirming ongoing ISO 13485 compliance — annual, not one-time at submission
Pre-deployment notification to HSA	Notify HSA before the AI-SaMD is used for patient care
Patient disclosure	Deployers inform patients when a sandbox AI-SaMD will be used in their medical care
Clinician oversight	A clinician employed in the public healthcare institution, consultant or higher, oversees design, validation, and output
Qualified medical practitioner supervision	Supervision by a qualified medical practitioner during use
Institutional endorsement for deployment	Endorsement by the chair of the medical board or CEO of the public healthcare institution
Post-market obligations	Ongoing accountability mechanisms; HSA engages developers on full product registration when wider deployment across public healthcare is contemplated

These are conditions of operating inside the proposed sandbox carve-out, not optional best-practice items.

What the Cited Source Does and Doesn't Specify

The Baker summary describes HSA's consultation findings; it is not itself the regulation. A few areas where the source is explicit, and a few where it isn't:

Cybersecurity controls. The Baker summary indicates HSA considered the existing cybersecurity and data security safeguards that public healthcare entities already have to comply with, alongside prevailing HPA/HCSA requirements. The summary does not announce a separate sandbox-specific cybersecurity checklist.
Continuous learning / model update governance. Not identified in the cited summary as a specific sandbox-level requirement. That doesn't mean HSA is silent in the underlying consultation document — only that we're not making claims beyond what the summary supports.
Detailed evidence template. Beyond the listed conditions and ISO 13485 attestation, the summary does not describe a sandbox-specific evidence template.

We will update this post if HSA publishes formal sandbox guidance that addresses these areas directly.

Why This Matters Even Outside the Sandbox

On 10 March 2026, HSA became the first national regulatory authority in the world to attain WHO Maturity Level 4 (ML4) for medical devices regulatory systems. WHO ML4 means HSA can serve as a global reference authority — other regulators can rely on its decisions.

For this post, the key sourced point is narrower: HSA's ML4 status increases the significance of watching its regulatory direction closely. Private medtech operating in Singapore: the proposed sandbox itself isn't your route, but the broader regulatory environment is one to track.

Practical Readiness for Public Healthcare Teams

For the population the proposed sandbox is actually aimed at — public healthcare entities developing Class A/B AI-SaMDs — the readiness work is concrete:

Confirm device class. Class A vs B vs C is the gate. The proposed sandbox is closed above Class B.
Stand up an ISO 13485-aligned QMS. Not a binder of policies — an operating QMS that can produce a credible annual self-attestation.
Establish institutional governance. Clinician oversight (consultant or higher), qualified medical practitioner supervision, and the chair/CEO endorsement chain documented and ready before deployment.
Build the governance + accountability spine. Pre-deployment notification, patient disclosure, and the governance and accountability mechanisms HSA describes for sandbox participation.
Track changes against the HSA framework as it firms up. The current document is consultation findings, not formal guidance. Watch for HSA's next publication.

Most of this isn't optional in any responsible AI-SaMD program — sandbox or not.

Where regMD Fits

regMD is a regulatory intelligence platform for medical devices. For public healthcare teams looking at the proposed sandbox, the relevant pieces are reference and tooling:

Class confirmation: the free classifier returns your Singapore class across regMD's 14 jurisdictions in one pass.
HSA pathway reference: the pathway finder maps the standard HSA registration route — useful for understanding the post-sandbox path when wider deployment comes into scope.
ISO 13485 grounding: the ISO 13485 guide covers the QMS scope underlying any credible self-attestation.
Regulatory change monitoring: the alerts engine flags HSA updates as they publish, so the consultation-to-guidance transition doesn't go unnoticed.

If you want to be notified when HSA publishes formal sandbox guidance, join the alerts list.

When We'll Update This Post

When HSA publishes formal sandbox guidance — or when the consultation findings convert into binding regulation — we'll update this post and ship a regulatory alert.

A separate follow-up post for private Class A/B AI-SaMD founders, covering the standard HSA registration route that applies to them since the proposed sandbox does not, will follow.

Sources: Baker McKenzie commentary on HSA's AI-SaMD consultation findings (Feb 2026) · HSA WHO ML4 announcement, 10 March 2026

This post is for general guidance only and does not constitute regulatory advice, legal advice, or a substitute for professional consultation. Requirements may change, and you should verify all decisions against official HSA materials and qualified counsel before relying on this information.