St John Lynch
& Co
Regulatory, Quality & Technical Engineering — Medical Devices & AI-enabled Medical Devices
Founded by Niamh St John Lynch
With 30 years in medical device regulation and quality management, we work with organisations at every scale — auditing and training global manufacturers, guiding new-start companies through their first QMS, and navigating the evolving regulatory and standards landscape including EU MDR, EU IVDR, the EU AI Act, and international ISO and IEC standards. Built by experts who help write the standards they are based on.
Practical Tools from Both Sides of the Regulatory Table
30 years of hands-on Quality and Regulatory experience — including 4 years reviewing QMS and Technical Documentation as a Notified Body assessor, and active involvement in authoring the international standards these documents are built on. These resources reflect what works in practice and what auditors actually look for.
Software & AIeMD SOPs
Includes GenAI policy guidance (ISO/IEC TS 25568) — plus software and AIeMD development lifecycle SOPs and planning templates under IEC 62304.
QMS Startup Pack — EU, UK & US
A complete QMS foundation for new-start medical device organisations — Quality Manual, 15 SOPs, templates, and work instructions.
Cybersecurity & Security SOPs
SOPs, templates, and work instructions for medical device cybersecurity, SBOM management, incident response, and vulnerability disclosure.
Where Regulatory Science Meets AI Governance
My doctoral work examines the regulatory and quality management challenges posed by AI-enabled medical devices — an area of rapidly evolving policy, standards, and clinical risk.
Regulatory Frameworks for AI-Enabled Medical Devices
Investigating the implications of EU MDR 2017/745 and the EU AI Act (Regulation 2024/1689) for manufacturers, including analysis of the EC's Simplification Digital Package and Omnibus Proposal and their impact on AIeMD conformity pathways.
AI-Enabled Medical Device Standards
Multidisciplinary literature review and gap analysis of international standards relevant to AI-enabled medical devices, assessed against EU AI Act requirements — including IEC 62304, ISO 14971, ISO 42001, IEC PAS 63621, and BS 30440:2023.
Trustworthy AI & Change Management
Developing frameworks for trustworthy AI in healthcare and agentic AI change management process assessment for medical device manufacturers, including evaluation of pre-trained third-party AI models for responsible and ethical use in medical device software.
Selected Research Output
10+ items in the DkIT STÓR research repository, spanning journal articles, book chapters, conference papers, research artefacts, and teaching resources.
Research Output
All publications are archived in the DkIT STÓR repository. Journal articles, book chapters, conference papers, a research artefact, and teaching resources.
Doctoral Research: Investigating AI-enabled medical device regulatory change management — examining how manufacturers, notified bodies, and competent authorities navigate post-market obligations under EU MDR 2017/745 and the EU AI Act (Regulation 2024/1689) when AI model updates occur in deployed devices. PhD with DkIT, registered under DCU, as part of the DkIT/UCD Collaborative Project on Trustworthy AI-enabled Medical Devices.
Selected Figures from Published Work
Illustrative diagrams drawn from peer-reviewed publications. Click the source links to access the full papers in DkIT STÓR.
AIeMD Standards Landscape: Regulatory & Technical Layers
Adapted from: St John Lynch et al. (2024) Artificial Intelligence-Enabled Medical Device Standards: A Multidisciplinary Literature Review. EuroSPI’24, Munich. View in DkIT STÓR
Active Projects
AI Change Management Process Assessment (ChangeIQ)
Development of a structured AI-enabled web application for regulatory change management assessment for medical device manufacturers. Based on a 19-section, ~160-question framework spanning EU MDR 2017/745, EU AI Act, ISO 13485:2016, IEC 62304, and ISO 14971. Formally archived as a research artefact in DkIT STÓR.
EU Simplification Package: MDR/IVDR & AI Act Alignment
Analysis of the EC's Simplification Digital Package and Omnibus Proposal and their implications for AI-enabled medical device manufacturers. Presented at the Irish MedTech QA/RA Regulatory Forum (Limerick, March 2026); published in Journal of Medical Device Regulations (in press, 2026).
Trustworthy AI Framework for Healthcare
Proposed framework for trustworthy AI in healthcare, developed through multidisciplinary research. Published as a Springer Nature book chapter (CCIS, 2025) and presented at EuroSPI'25 (Riga) and AICS 2025 (DCU, Dublin).
AI Standards Gap Analysis — MDR & AI Act
Systematic identification of gaps between existing harmonised medical device standards and EU AI Act Annex I requirements for high-risk AI systems. Underpins contributions to CEN-CENELEC AI Task Groups 1 and 2 and IEC TC62 expert committee work.
International & European Standardisation
Contributing to standards development at national, European, and international levels, with a focus on medical device software, AI governance, and regulatory alignment of emerging AI standards with EU MDR and the AI Act.
Plenary
JWG 12
JWG 15
PT 63450
PT 63621
SC 62A
AI TG1
AI TG2
ETC/TC10
IEC 62304:2006+AMD1:2015
Medical device software lifecycle processes. Central to change management analysis for AI-enabled medical devices and the ChangeIQ assessment framework.
ISO 14971:2019
Risk management for medical devices. Core framework for AI-related hazard identification and risk control measures.
ISO 13485:2016
Medical devices quality management systems. Anchors change control procedures and post-market surveillance obligations for AIeMD manufacturers.
ISO 42001:2023
AI management system requirements. Analysed for alignment and gap against EU AI Act Annex I within CEN-CENELEC TG work.
IEC PAS 63621
Guidance on artificial intelligence for healthcare. Key bridge standard under review in TC62 context and referenced in the literature review (EuroSPI'24).
BS 30440:2023
Change management for AI systems. Referenced in the AI Change Management Process Assessment artefact and ChangeIQ tool development alongside EU AI Act obligations.
Regulatory Expertise
for Industry
AI-Enabled Medical Devices · EU MDR · AI Act · Standards
With over 30 years in medical devices and active roles at the frontier of international standardisation, I provide specialist consulting to manufacturers, start-ups, and organisations navigating the evolving regulatory landscape for AI-enabled medical devices. My work bridges academic research, standards development, and practical quality management — giving clients access to expertise that is both current and applied.
Expertise Where It Matters
St John Lynch & Co brings together 30 years of hands-on medical device experience, active international standards leadership, and doctoral-level research into a single, focused consulting practice. Every engagement is grounded in current regulatory reality — not textbooks.
Areas of Consulting Expertise
Each engagement is grounded in current regulatory practice, active standards participation, and ongoing doctoral research — ensuring advice that reflects the latest developments in EU MDR, the AI Act, and international standards.
Medical Device Regulatory Strategy
Strategic guidance for manufacturers on conformity pathways under EU MDR 2017/745, with particular expertise in the implications of the EC's Simplification Digital Package and Omnibus Proposal for AI-enabled medical devices.
AI-Enabled Medical Device Compliance
End-to-end compliance support for AI-enabled and adaptive medical devices — covering Article 22 obligations under the EU AI Act (Regulation 2024/1689), post-market change management, and PMCF strategy.
Standards Gap Analysis & Implementation
Practical gap analysis against IEC 62304, ISO 14971, ISO 42001, IEC PAS 63621, and BS 30440:2023 — informed by active participation in the committees developing these standards.
Quality Management Systems
QMS review, design, and optimisation for medical device manufacturers, with specialist focus on change control, AI model update governance, and software lifecycle processes under IEC 62304.
AI Change Management Frameworks
Development and implementation of AI change management process assessments — including adaptation of the ChangeIQ framework for organisational contexts and integration with existing regulatory change control procedures.
Technical & Expert Review
Independent expert review of technical documentation, regulatory submissions, and conformity assessment materials for AI-enabled and software-as-a-medical-device (SaMD) products.
Usability Engineering for AI-Enabled Medical Devices
Specialist support for usability engineering programmes across the IEC 62366 series — covering formative and summative evaluation under IEC 62366-1, practical implementation guidance per IEC 62366-2, and compliance strategy aligned with the emerging IEC 62366-3 requirements specific to AI-enabled medical devices.
Change Governance Maturity Assessment
A free, publicly accessible tool from St John Lynch & Co — designed to help medical device manufacturers and regulated organisations quickly benchmark their current maturity in AI change governance.
How mature is your change governance?
This structured assessment tool walks through key dimensions of change governance for AI-enabled systems, aligned with EU MDR, the EU AI Act, and relevant international standards. Use it to identify gaps, prioritise improvement areas, and build a baseline before engaging a consultant or auditor.
Why Work With Me
My consulting practice is distinctive because it is rooted simultaneously in active research, international standards development, and over two decades of hands-on industry practice.
As a doctoral researcher investigating AI-enabled medical device regulatory change management, an IEC TC62 expert member contributing to the very standards your organisation must comply with, and a practitioner with 30+ years in medical devices, I offer a rare combination of current academic insight, standards intelligence, and practical regulatory experience.
That experience includes a career as a Notified Body technical reviewer and site auditor, assessing manufacturers' technical documentation and quality management systems against EU regulatory requirements — giving me direct insight into how conformity assessments are conducted and what assessors look for. I have worked with leading global medical device organisations including Boston Scientific, Johnson & Johnson, Abbott, Medtronic, Veryan, Mylan, and others, across a broad range of device types and regulatory submissions.
The Assessor's Perspective
As a former Notified Body technical reviewer and site auditor, I have assessed technical documentation and QMS compliance from the other side of the table. This gives consulting clients a rare advantage: advice shaped by direct knowledge of how conformity assessments are conducted and what reviewers scrutinise.
Insider View of Emerging Standards
As an active participant in IEC TC62, NSAI/ETC/TC10, and CEN-CENELEC AI Task Groups 1 & 2, I work on the standards your organisation will need to comply with — often before they are published. This means consulting guidance informed by where standards are going, not just where they are.
Academic Rigour in Applied Contexts
My doctoral research on AI-enabled medical device regulatory change management directly informs consulting engagements, ensuring advice is anchored in peer-reviewed evidence, systematic literature analysis, and current regulatory intelligence.
Regulatory Science Meets AI Governance
Few practitioners hold deep expertise in both traditional medical device regulatory science (MDR, ISO 13485, IEC 62304, ISO 14971) and the emerging AI governance landscape (EU AI Act, ISO 42001, BS 30440:2023). I bridge both domains.
Ireland, EU, and International Reach
Based in Ireland and representing Ireland at IEC and NSAI, I provide specialist support for organisations operating in or entering the Irish and broader EU medical device market, with understanding of both local and European regulatory contexts.
Key Frameworks & Standards
Consulting engagements draw on expertise across the following regulatory frameworks and standards — all areas of active research and standardisation participation.
2017/745
2024/1689
Ed.2 (dev.)
2019
2023
2016
Ready to Discuss Your Regulatory Challenges?
Whether you are preparing for an MDR audit, navigating AI Act obligations for a software medical device, or building an AI governance framework, I welcome a conversation about how I can support your organisation.
Building Regulatory & Technical Capability
Health Software · AI-Enabled Medical Devices · EU MDR/IVDR
UK MDR · QMSR · AI
Act · Standards
Drawing on 30+ years in medical devices — including experience as a Notified Body technical reviewer and site auditor, and work with organisations such as Boston Scientific, J&J, Abbott, and Medtronic — I deliver targeted training programmes that equip industry teams with practical, up-to-date knowledge of the regulatory landscape for AI-enabled medical devices.
Training Programmes for Industry
Each programme is designed for regulatory affairs, quality, and engineering professionals working on medical devices — combining regulatory theory with practical application and the latest developments from standards committees and doctoral research.
Navigating the AI Act for Medical Device Manufacturers
A practical introduction to EU AI Act obligations for manufacturers of AI-enabled medical devices — covering high-risk AI system classification, Article 22 requirements, conformity assessment routes, and interaction with EU MDR 2017/745.
AI/ML Software Lifecycle for Medical Devices
Practical training on IEC 62304 software lifecycle requirements as applied to AI/ML-enabled devices — addressing adaptive algorithm change management, post-market surveillance obligations, and risk management under ISO 14971.
AI Governance Frameworks in Practice
Workshop-based training on implementing AI governance in a medical device organisation — using ISO 42001 and BS 30440:2023 as practical frameworks alongside the ChangeIQ methodology developed through doctoral research.
MDR Compliance for AI-Enabled Devices
In-depth training on EU MDR 2017/745 obligations specific to software and AI-enabled medical devices — including technical documentation requirements, PMCF obligations, and the implications of the EC Simplification Digital Package.
Emerging Standards Briefing
A regularly updated briefing programme on the current and emerging standards landscape for AI-enabled medical devices — drawing directly on active participation in IEC TC62, NSAI/ETC/TC10, and CEN-CENELEC AI Task Groups 1 & 2.
Custom In-House Training
Tailored training designed around your organisation's specific regulatory context, product portfolio, and team needs. Suitable for regulatory, quality, and R&D teams at any stage of MDR or AI Act readiness.
Flexible Delivery Formats
Training is available in a range of formats to suit your organisation's needs, from half-day workshops to multi-session programmes — delivered online or on-site.
Half-Day & Full-Day Workshops
Focused, intensive sessions designed for regulatory and quality teams who need actionable knowledge quickly. Available as standalone workshops or as part of a series.
Multi-Session Training Programmes
Structured programmes delivered over several sessions, building regulatory capability progressively — suitable for onboarding new team members or upskilling an existing team ahead of MDR or AI Act obligations.
Remote & In-Person Delivery
All programmes are available online or in person. On-site delivery can be arranged across Ireland and the EU. Remote delivery is available globally.
Tailored to Your Context
Content and case studies are adapted to your organisation's device portfolio, regulatory status, and team background — ensuring training is directly applicable to your real-world challenges.
Upcoming Public Training Sessions
The following sessions are planned for open enrolment. Places are limited — contact me to register interest or to discuss in-house delivery on a preferred date.
| Training Programme | Planned Date | Format | Duration | Delivery | Status |
|---|---|---|---|---|---|
| IEC 62304 ED2 Changes — What Manufacturers Need to Know | TBC 2025 | Workshop | Half-day | Online | Planning |
| EU AI Act for AI-Enabled Medical Device Manufacturers | TBC 2025 | Workshop | Full-day | Online / On-site | Planning |
| AI Governance Frameworks: ISO 42001 & BS 30440 in Practice | TBC 2025 | Workshop | Half-day | Online | Planning |
| MDR Compliance for Software & AI-Enabled Devices | TBC 2026 | Programme | 2 sessions | Online / On-site | Planned |
| Emerging Standards Briefing — IEC TC62 Update | TBC 2026 | Briefing | 2 hours | Online | Planned |
Dates are indicative and subject to confirmation. to register interest or arrange bespoke in-house delivery.
Postgraduate Lecturing at DkIT
Alongside doctoral research, I lecture on one postgraduate module per term at Dundalk Institute of Technology at MSc Level 9 — covering healthcare software engineering, security, usability, and research practice.
Software Development and Validation in Healthcare
COMP_C9045 — Covering software development lifecycle processes and validation requirements for healthcare software, including IEC 62304 and regulatory compliance frameworks.
Further Modules
- Security in Healthcare
- Usability Engineering
- Research Methods
- Embedded Systems
- Healthcare Informatics
- Software Testing & Validation
- Medical Device Software Regulations
- AI in Healthcare
Discuss a Training Programme for Your Team
Whether you are preparing your team for EU MDR compliance, building AI governance capability, or seeking an expert briefing on emerging standards, I welcome a conversation about how training can support your organisation.
Guides, Templates & Tools
Practical resources for regulatory affairs, quality, and AI governance professionals working in medical devices. Some are free to download; others are available to purchase. All are developed from active research and industry practice.
Software & AIeMD SOPs and Templates
Includes GenAI policy guidance (ISO/IEC TS 25568) — plus SOPs and templates for software and AI-enabled medical device development lifecycle under IEC 62304.
Note: content reflects IEC 62304 Ed.2 CD1 (first committee draft). Documents will be updated following CD2.
Software QMS SOPs & Templates
Quality Management System SOPs and templates for organisations developing medical device software, aligned to ISO 13485 and IEC 62304.
Note: content reflects IEC 62304 Ed.2 CD1 (first committee draft). Documents will be updated following CD2.
Opens in Payhip — our secure checkout
Cybersecurity & Security SOPs Pack
SOPs, templates, and work instructions for medical device cybersecurity, SBOM, incident response, and vulnerability disclosure.
Opens in Payhip — our secure checkout
Clinical Evaluation & PMS Pack
SOPs and templates covering clinical evaluation, PMCF, post-market surveillance, and vigilance reporting under EU MDR.
Opens in Payhip — our secure checkout
AI Governance Pack
Policy, validation, and change assessment documents for AI/ML governance in regulated medical device environments.
Pre-Trained AI Model Evaluation Pack
SOP, work instruction, and evaluation checklist for assessing pre-trained third-party AI models in medical devices and health software. Developed directly from peer-reviewed published research and the international standards work that followed — not generic templates, but documents that helped shape the emerging regulatory requirements in this space.
Opens in Payhip — our secure checkout
Usability Engineering & Human Factors Pack
SOPs, templates, and work instructions for usability engineering compliance under IEC 62366-1, integrated with ISO 14971 risk management. Includes an AI-specific usability assessment template and an AI Transparency & Explainability Evaluation Work Instruction — documentation not readily available elsewhere.
Opens in Payhip — our secure checkout
QMS Startup Pack — EU, UK & US
A complete Quality Management System foundation for new-start medical device organisations — Quality Manual, SOPs, templates, and work instructions aligned to ISO 13485 and applicable for EU MDR, UKCA, and FDA 21 CFR Part 820.
Opens in Payhip — our secure checkout
Gen-AI and MLMD Validation & Risk Analysis Pack
A complete set of tools for Validation and Risk Analysis of Generative AI and Machine Learning Medical Devices — SOPs, templates, and work instructions aligned to ISO 13485 and applicable for EU MDR, UKCA, and FDA 21 CFR Part 820. Given the absence of regulatory guidance, this pack provides practical frameworks for compliance.
Opens in Payhip — our secure checkout
Was This Useful?
Let us know how we're doing — your feedback helps improve the resources on offer.
✓ Thank you — your feedback is appreciated!
Need Something Specific?
If you are looking for a resource tailored to your organisation's regulatory context — a bespoke checklist, gap analysis template, or training aide — get in touch to discuss what I can put together for you.
Get in Touch
I welcome enquiries relating to my doctoral research, standards development activities, or potential collaboration on regulatory science and AI governance in the medical device space. I am happy to discuss engagement opportunities with industry, regulators, or academia.
DkIT/UCD Collaborative Project on Trustworthy AI-enabled Medical Devices
Expert Member, IEC TC62 — Plenary, AG SNAIG, ahG 11, JWG 12, JWG 15, PT 63450, PT 63621, SC 62A (incl. JWG 4 & MT 49 IEC 62304 Ed.2 Sub-Team Lead AI)
Member, CEN-CENELEC AI Task Groups 1 & 2