GSPR Checklist 2025: Key Compliance Updates for Medical Device Manufacturers
For medical device manufacturers navigating the European market, the GSPR checklist is far more than a regulatory requirement—it serves as the foundation of EU MDR compliance. It directly demonstrates whether your device meets essential safety and performance standards required for CE marking.
With 2025 bringing updated interpretations, stricter notified body expectations, and rapid technological advancements, manufacturers must now reassess their GSPR checklist with a strategic and evidence-based approach.
This article outlines the latest updates, regulatory expectations, and essential compliance strategies that remain critical for achieving and maintaining EU MDR compliance in 2025.
Looking For a Medical Device Regulatory Consultant?
A Quick Recap: What GSPR Really Means
The General Safety and Performance Requirements (GSPR), defined under Annex I of the EU MDR, consist of 23 essential requirements that address all critical aspects of a medical device, including:
- Safety and risk management
- Clinical performance and effectiveness
- Usability and human factors
- Labeling and instructions for use
- Software reliability and cybersecurity
These requirements apply to all devices—from basic surgical instruments to complex AI-powered medical technologies.
What’s New in 2025?
1. Controls on Cybersecurity and Software (GSPR 17.2)
Medical devices that rely on software or are digitally connected are now subject to increased cybersecurity scrutiny.
Manufacturers must provide clear documentation of:
- Cybersecurity threat and risk assessments
- Secure software development lifecycle (SDLC) practices
- Data protection mechanisms
- Long-term update and patch management strategies
Key Insight: Cybersecurity is no longer optional—it must be integrated from the design phase.
2. Greater Demand for Clinical Evidence (GSPR 1–9)
Notified Bodies are placing greater emphasis on clinical data, especially for higher-risk devices.
Manufacturers are now expected to:
- Provide direct clinical evidence for safety and performance
- Clearly link Clinical Evaluation Reports (CER) to GSPR 1–9
- Ensure risk management and post-market surveillance (PMS) data support all claims
Reliance on older or equivalent devices alone is no longer sufficient.
3. Environmental Impact Under Review (GSPR 13–14)
Sustainability and environmental safety are gaining importance in regulatory assessments.
Manufacturers must address:
- Use of hazardous substances
- Recycling and disposal processes
- Environmental impact across the device lifecycle
Regulators expect transparency in how devices contribute to eco-safe healthcare practices.
4. AI/ML Devices: Under the Regulatory Lens
Artificial Intelligence (AI) and Machine Learning (ML)-based devices are receiving heightened regulatory attention.
Manufacturers must:
- Demonstrate algorithm consistency and reliability
- Provide transparency in AI decision-making
- Validate that learning systems do not introduce bias or safety risks
- Monitor real-world performance continuously
Expect detailed technical evaluations from notified bodies.
GSPR Areas That Remain Essential
Area | Focus | Actions to Take |
GSPR 1–9 | Safety and performance | Align with CER, risk files, usability tests, and post-market surveillance |
GSPR 10–12 | Biocompatibility and chemical safety | Use recent test data aligned with current ISO standards |
GSPR 13–15 | Hygiene and manufacturing processes | Ensure cleaning validation and traceability, especially for reusable devices |
GSPR 16–23 | Labelling and software reliability | Update instructions, verify software performance, and validate EMC compliance |
Practical Strategies for 2025
To stay ahead, manufacturers are adopting a more integrated approach to GSPR compliance:
- Build a live matrix linking each GSPR to specific documents in the technical file
- Involve design, clinical, regulatory, and quality teams early in product development
- Use software tools to automate document mapping and gap identification
- Regularly review and revise documentation based on the latest guidance and feedback.
Get Expert GSPR Compliance Support
GSPR Success Starts with the Right Partner: Operon Strategist
In 2025, the GSPR checklist is not just a document—it is proof of your product’s safety, performance, and compliance with EU MDR. Operon Strategist helps medical device manufacturers achieve faster approvals through end-to-end GSPR compliance support, including checklist preparation, technical documentation, clinical evaluation, and risk management.
Along with this, we offer integrated services such as CE Marking for Medical Devices, ISO 13485 Certification Consulting, Medical Device Registration in Europe, FDA 510(k) Consulting Services, and Medical Device Manufacturing Facility Setup, ensuring complete regulatory support from product development to global market entry. With our expert-driven approach, we help you minimize compliance risks and accelerate certification with confidence.
FAQs
What is the GSPR checklist?
The GSPR checklist is a structured document used to demonstrate compliance with the General Safety and Performance Requirements under the EU MDR.
How many requirements are included in the GSPR checklist?
The GSPR checklist includes 23 requirements outlined in Annex I of the EU MDR.
What are the key updates in GSPR checklist 2025?
Key updates include stricter cybersecurity requirements, increased demand for clinical evidence, environmental considerations, and enhanced scrutiny of AI/ML-based medical devices.
What is GSPR 17.2?
GSPR 17.2 focuses on cybersecurity requirements for software and connected medical devices, including risk assessment and data protection measures.
Why is clinical evidence important in GSPR compliance?
Clinical evidence ensures that a medical device is safe and performs as intended, which is essential for regulatory approval.
