Cybersecurity & Regulation: »AI has no Causality« – Medical Technology Needs Rules
The MedtecLIVE program made »AI in medical technology« its focal point: not as a promise, but as a contradictory reality. What is moving manufacturers, suppliers, clinicians and regulators now – and why missing data labels, tool proliferation and contradictory regulations have not stopped the breakthrough.
By Ute Häußler
Artificial intelligence is not only changing medical devices; AI is also changing medical device manufacturers themselves and the way they create value. Representing this balancing act at a trade fair – that is, both the status quo with current products and the present tectonic shifts for technology and the economy – is difficult, to put it mildly. MedtecLIVE 2026 brought this balancing act to the stage. The medical technology trade fair in Stuttgart showed what is and what is coming – and why it is so damn complicated.
What distinguished these three days from other specialist events was that the tension was allowed to stand. No one pretended that the contradictions were resolvable. Cybersecurity versus Safety. Explainability versus data scarcity. Regulation versus speed of innovation. European thoroughness versus global speed. MedtecLIVE did not moderate away any of these conflicts – and showed great strength in doing so.
A keynote for a new beginning
Keynote speaker Tobias Gantner set the tone. The professor and expert for digital transformation in healthcare did not start with AI statistics, but with a civilizational provocation: Even the Romans had invented the steam engine – and, with their rather pessimistic worldview, used it only to open temple doors. »Let us remain optimistic, the future is created in togetherness,« Gantner said to the audience in Stuttgart. In a world where AI already outperforms humans in five out of eight cognitive categories, specialist idiots are no longer needed. Humans must use their thinking organ as overarching generalists: orchestrating, evaluating, and putting AI results into the right context.
Gantner did not omit the risk of so-called »deskilling,« i.e., the loss of skills through the use of technology. A Lancet study showed that gastroenterologists provided worse self-diagnoses after three months of AI support than the control group without AI. »We must be honest about how and when we use AI,« he continued – because anyone who uses technology as an invisible helper without saying so is ultimately cheating both the patient and themselves. So, integrate AI openly into everyday life, and do it quickly. Gantner formulated the final sentence of his keynote based on the signs on rearview mirrors as both a promise and a warning: »Objects of the future might be closer than they appear.«
Pulling in the same direction?
The panel following this, »Manufacturers and Users in Medical Technology - All in the Same Boat?«, with Tobias Gantner on the technology side, Dietrich Monstadt on the political side, and Thorsten Reichle on the clinic side, gave an honest answer under the moderation of Dr. Meinrad Lugan: Yes and no. Health expert Dietrich Monstadt, who had fought tirelessly to anchor medical technology as a leading industry in the coalition agreement, remained sober: »I hope that this success is not talked to death in the mills of politics.«

Thorsten Reichle from the Klinikverbund Südwest described his position between Gantner on one side and Monstadt on the other with disarming precision: »I stand between the framework conditions of politics and the future that will come — right in the middle of reality.« Last week's law once again withdraws operating resources from the system, while at the same time more funding for digitalization flows in. 370 medtech equipment manufacturers in his own hospital group, supply chains under pressure again, the MDR as a market shakeout instrument that causes products to disappear, particularly in pediatrics and oncology. However, Reichle also said that automation and AI offered a real opportunity for clinics – initially in logistics and procurement – to use synergies and regional partnerships in the face of rising cost pressure. While Gantner then praised digital thinking and available computing power as an opportunity for SMEs, Reichle interjected that the CE procedure is hardly manageable anymore for SMEs with more than three sites. The clinics do not have the capacity to assemble technology fragments themselves. It must arise in the region and go directly into application. Despite all the difficulties, the three gentlemen were able to agree on a joint guideline: »Smarter, together, simpler«.
But how to start specifically?
At the Medical Mountains Forum in the afternoon, what followed has been far too rare in the AI context: specific numbers, traceable processes, sober self-criticism. Peter Hartung from software provider M&M showed AI in manufacturing as a systematically underestimated entry point — no licensing issues, no CE effort, but real »Return on Investment« after nine to eleven months.
Julian Alpers from AI6 Solutions then warned against tool proliferation: An IT scan at one customer found over 70 unregistered AI tools on employee computers alone. A Copilot update had activated dynamic flex routing — during peak times, data was processed on servers outside the EU. Which means: Patient-related data subject to GDPR and MDR leaves the European legal area — quietly, automatically, and without a human ever deciding it. Regulation is without a doubt important, but medical technology lawyer Dr. Angela Graf added without false reassurance: »If I only think about liability, I won't invest. I have to play the innovation card, otherwise the train will have left the station.«
Security as a matter of attitude
The second day of the fair put the pain points of medical technology digitalization and AI transformation on the table – unvarnished and open. As an introduction, Jasmin Löffler's lecture »No time for digitalization: Why we stick to old processes« gave an honest look at the cognitive errors that prevent change. Under the title »Code doesn't heal, but without code nothing heals,« Peter Hartung from M&M software gave medical device developers a practical, manageable classification of the rules of the MDR and the AI Act.

And then an »ethical hacker« took the MedtecLIVE stage: Gerhard Klostermeier from cybersecurity expert Syss spoke in a constructively alarming way from the attacker's perspective. Pacemakers with hackable wireless interfaces: not a thought experiment, but a congress topic at the Chaos Communication Congress, the annual meeting of around 10,000 IT security experts in Hamburg. A prosthesis with European certification that anyone who passed close enough could reprogram — no encryption, no password. A ventilator that could be put out of operation by simple network packets. »The patient suffocates« was not sensationalism, but sober threat analysis.
The actual message was the attitude that medical device manufacturers must adopt. According to Klostermeier, compliance and real security are two different things that are often confused in practice. Manufacturers like to narrow the scope: The foot pedal? Not our product. The USB port? Behind two screws, so it's safe. »I've seen many — let me say carefully — excuses there,« says the hacker. IT security must be a management decision, planned from the start, not grafted on retrospectively. Hacking must be seen as an opportunity: »Only the vulnerabilities I know about can I really fix.«
Where does too much security hurt?
Dr. Georg Heidenreich from Siemens Healthineers provided the necessary reflection from the manufacturer's perspective — with a realistic awareness of the complexity in everyday clinical practice. An unnecessary security level can also be dangerous, as he illustrated using the example of an infusion pump on battery power: because complex encryption costs CPU power, costs battery, and an empty battery means no medication delivery. »The defense against an unlikely scenario ultimately costs a human life if the medicine is not administered.« Or the surgical console in the emergency room: Does it need an extra login when every second counts? The MDR regulates this clearly – safety and performance come first. Heidenreich said: »Cybersecurity is supported by technology, but cybersecurity is not guaranteed by technology.« However, this has not yet quite arrived at the regulatory bodies in Brussels.
And so, as a company, one has to hack oneself in order to stand in the way of attackers and classify scenarios as realistic or rather unlikely. In Bratislava, Siemens Healthineers operates a laboratory in which an AI attacks its own devices – as a targeted response to developments such as Claude from Anthropic, which can develop attacks autonomously. Heidenreich's request »You can't get around it, you have to participate,« could be understood as an urgent security appeal for every medtech company.
From start-up to clinic
But how do new technologies, including artificial intelligence from research or from an idea born in a hospital, actually get into the everyday lives of doctors and patients? Felix Winter, newly appointed Managing Director of Medical Valley EMN, showed on the MedtecLIVE stage how a regional cluster can drive digital health forward in the combination of science-manufacturer-clinic. With a 250-member regional network of manufacturers and suppliers and a startup center directly at the University of Erlangen, from which over 200 startups have already emerged, there is an innovation chain in the Erlangen-Nuremberg metropolitan region that extends from the idea to clinical application.
One of the flagship projects is the start-up Rivercyte, which won the Medical Valley Award in 2021 and is launching a cell analysis device for the rapid detection of sepsis, among other things. Founder Martin Kräter says: »With the prize money of €250,000, we were finally able to spin off.« A sentence that shows how much can depend on a single funding moment and how much innovation in medical technology needs these concrete, early springboards. All the better that Rivercyte was also able to convince the jury of the MedtecLIVE startup contest with its idea – and even landed in first place.
Where AI meets its limits
On the third day of the fair, the VDE Forum, moderated by Dr. Thomas Becks, Managing Director of the DGBMT specialist society, dedicated itself to embedded AI in scientific and clinical practice. It got specific and left little out, from image analysis, real-time monitoring and diagnostics to AI labeling, regulation, and courage.
Becks opened with a strategic classification: AI-supported systems already support image analysis, clinical decisions, and continuous monitoring today. Embedded AI solutions on specialized hardware architectures enable energy-efficient real-time processing — which is particularly relevant for implantable devices that cannot rely on cloud connectivity or data centers.
Caroline Reßing from Fraunhofer IMS showed what this looks like in practice. An ECG patch, smaller than a postage stamp, detects atrial fibrillation directly on the chip — no cloud uplink, everything is local. The PADcam project makes skin perfusion visible where no parameters were previously available. And the Careful-Edge-X system brings Gaia-X structures into care: RISC-V processors at the patient's bedside evaluate alarm signals before caregivers even see them. Reßing's conclusion: »The entry barrier of bringing AI directly to your systems and not sending it to a cloud system is firstly faster and more effective — and the data security of patients remains guaranteed.«
Prof. Michael Bortz from Fraunhofer ITWM brought the mathematical counter-perspective — and it knows no compromises: »AI is not causal. AI does not discover new patterns. It only recognizes them again.« Exactly this difference between causality and correlation is decisive in a clinical context. In neuromonitoring, AI can classify and predict brain waves and also recommend measures — but it does not see the reason for an epileptic seizure. Explainable AI would be the answer. But that requires someone to label the data.
Bortz used a striking example to show how time-consuming and at the same time irreplaceable this is: For years, a surgeon had voluntarily recorded, digitized, and annotated the latency signals of nerve strands during his own operations in his spare time — in order to train an AI that today warns colleagues in real-time about vocal cord injuries during thyroid surgeries.
For Becks, this leads to a clear consequence: doctor and AI developer must speak one language. »Onset latency vs. feature — the first step in a new project is a common vocabulary check.« Sometimes the engineer needs a basic course in anatomy, sometimes the doctor needs a basic course in statistics. Interdisciplinarity between medicine, computer science, mathematics, and law is the only way from proofs-of-concepts to clinically usable products. No AI developer alone can ensure data quality and its clinical interpretability. »You just don't find good data on the internet.«
In the panel discussion, the urgency became palpable. Bortz formulated a European opportunity from it: »Explainability and thus also certification can be a TÜV for embedded AI systems.« This step must be taken now — with the global tech giants at our back, »the train will have left in five or six years.« Reßing added the cultural aspect: »We have a very pronounced risk avoidance culture. Sometimes justified, it slows us down though. And then in the end we buy technologies that were developed elsewhere and wonder why we weren't there.« Becks concluded with an assessment that goes beyond the technical: it needs more pioneers, more decisions instead of processes, more courage for application. The pioneers are there. »We need to lock them all in a room now.«
Pressing the start button
»Objects of the future might be closer than they appear«: with this sentence, Tobias Gantner's visionary urgency had set the tone on the very first day of the MedtecLIVE supporting program. Three days later, after everything that was discussed, shown, and demanded, the sentence took on a new sharpness in Stuttgart. Because in addition to technologies and opportunities, »oncoming traffic« is also closer and denser than expected: AI that develops attacks on medical devices autonomously, prostheses without encryption, hallucinating models that sound completely convinced, and regulatory incompatibilities that become a disadvantage in global competition. And explainability as a possible opportunity, which often still relies on extra work from medical specialists.
The lectures and discussions at MedtecLIVE showed both: the possibilities that are already there — embedded AI on microchips, ECG patches that detect atrial fibrillation locally, explainable models for intraoperative neuromonitoring. And the gaps that no one could talk away: a missing common language between doctor and engineer, missing or insufficient reliable data, sprawling and contradictory regulations – and a lack of courage for controlled innovation.
The VDE-DGBMT head Dr. Thomas Becks had said — half jokingly, half as an urgent demand — that the pioneers should all be locked in a room. And perhaps the aisles of MedtecLIVE were already exactly that room: three days of concentrated technology and AI expertise in Hall 3. Now the cooperations and approaches initiated on the Filder must be shaped and expanded – for AI in medical technology, intelligent digitalization, and the competitiveness of European medical products and their manufacturers and suppliers. Please put your hand on the switch – let's go.