A medical device is any health-related product that works through physical, mechanical, or digital means rather than through chemical or metabolic action in your body. That single distinction is what separates a device from a drug. The category is enormous, covering everything from tongue depressors and bandages to artificial hearts and AI-powered diagnostic software. The global medical device market was valued at roughly $572 billion in 2025 and is projected to exceed $1 trillion by 2034.
How a Device Differs From a Drug
The key dividing line is how a product achieves its purpose. A drug works by triggering a chemical reaction inside (or on the surface of) your body, or by being metabolized. A medical device works physically or mechanically. A vascular stent, for example, holds open a blood vessel by acting as a physical scaffold. A corrective lens bends light to fix your vision. A spinal implant maintains spacing between vertebrae and stabilizes the spine. None of those products rely on chemistry to do their job.
This distinction matters because it determines how a product is regulated, tested, and approved before it reaches you. Some products blur the line. A drug-coated stent, for instance, provides both a physical scaffold and a chemical coating that prevents scar tissue. These “combination products” are classified based on whichever mode of action is primary.
Common Types and Examples
Medical devices span a remarkably wide range:
- Simple tools: thermometers, bandages, tongue depressors, manual wheelchairs
- Implants: hip replacements, pacemakers, cochlear implants, intraocular lenses
- Diagnostic equipment: X-ray machines, MRI scanners, ultrasound systems
- In vitro diagnostics: blood glucose monitors, COVID tests, drug screening kits, pregnancy tests
- Digital health tools: software that analyzes medical images, apps that detect irregular heart rhythms
In vitro diagnostics deserve special mention because most people encounter them regularly without thinking of them as medical devices. Any test performed on a sample taken from your body (blood, urine, tissue) counts as an in vitro diagnostic device. That includes home blood glucose monitors used by people with diabetes, flu tests at urgent care, and even direct-to-consumer genetic tests.
The FDA’s Risk-Based Classification System
In the United States, the FDA sorts every medical device into one of three classes based on how much risk it poses to the patient. The higher the risk, the more evidence a manufacturer must provide before selling the product.
Class I devices carry the lowest risk. Think elastic bandages, manual stethoscopes, and dental floss. About 74% of Class I devices are exempt from the premarket notification process entirely, meaning manufacturers can bring them to market without submitting a formal application to the FDA, though they still must follow basic manufacturing and labeling standards.
Class II devices pose moderate risk and need to meet additional requirements called “special controls,” which can include specific testing standards, labeling requirements, or postmarket surveillance. Clinical thermometers, powered wheelchairs, and pregnancy test kits fall into this category. Most Class II devices require a 510(k) submission, where the manufacturer demonstrates their product is substantially similar to one already on the market.
Class III devices carry the highest risk. These are products that sustain or support life, are implanted in the body, or present a potentially unreasonable risk of illness or injury. Heart valves, implantable defibrillators, and deep brain stimulators are Class III. They require the most rigorous pathway: premarket approval, which typically involves clinical trial data proving the device is safe and effective.
Software as a Medical Device
One of the fastest-growing categories doesn’t involve any physical hardware at all. The International Medical Device Regulators Forum defines “Software as a Medical Device” as software intended for medical purposes that performs those purposes without being part of a hardware device. An app on your phone that uses your camera to detect skin lesions, or a cloud-based algorithm that flags suspicious findings on a chest X-ray, both qualify.
The FDA has now authorized over 1,450 AI and machine learning-enabled medical devices. Most of these are concentrated in radiology, where algorithms help radiologists spot tumors, fractures, and other abnormalities in medical images. Others serve cardiology, neurology, pathology, and gastroenterology. This number has grown rapidly in recent years and continues to accelerate as more developers enter the space.
How Quality and Safety Are Enforced
Manufacturers don’t just need approval to sell a device. They must also maintain ongoing quality systems throughout the product’s life. The international standard ISO 13485 lays out requirements for designing, producing, installing, and servicing medical devices. It places heavy emphasis on risk management, requiring companies to identify and mitigate potential hazards at every stage, from early design through post-sale monitoring.
In Europe, the Medical Device Regulation (EU 2017/745) introduced stricter requirements for development, market launch, and postmarket surveillance compared to the older directive it replaced. Both U.S. and European frameworks share the same core goal: ensuring that a device performs as intended without exposing patients to unnecessary harm.
Cybersecurity for Connected Devices
As more medical devices connect to hospital networks, the internet, or your smartphone, cybersecurity has become a regulatory priority. A compromised insulin pump or pacemaker isn’t just a data privacy issue; it’s a patient safety issue. The FDA now requires manufacturers of connected devices to address cybersecurity throughout a product’s design, including how the device will be updated and patched after it reaches the market. These requirements apply to any device with cybersecurity risk, and manufacturers must document their cybersecurity strategy as part of the premarket submission process.
This reflects a broader shift in how regulators think about medical devices. A product’s safety profile no longer ends at the factory door. For software-driven and network-connected devices especially, safety is an ongoing obligation that extends across the entire product lifecycle.