ISP / ANID
Chile — ISP / ANID
Decreto 825 framework + new Medical Device Law (Ley 21.541)
Authority
Instituto de Salud Pública de Chile
Enforced
2024 (Ley 21.541 in implementation)
Legal framework
Ley 21.541 (2023) + ISP regulations + Ley 19.628 data protection
Scope
Medical devices marketed in Chile; risk-class based registration phasing in under Ley 21.541.
Pre-market
Reference-jurisdiction route during transition; risk-based dossier expected once implementing decrees publish.
Post-market
Tecnovigilancia reporting via ISP; CSIRT.gob.cl coordination for incidents.
SBOM
RecommendedEncouraged via FDA / EU alignment.
Vulnerability disclosure
CSIRT.gob.cl coordinated disclosure recommended.
Penalty
Registration suspension, sanitary fines under Health Code.
Unique requirements
- 01Chilean Registration Holder
- 02Spanish-language IFU and labelling
- 03ISP authorisation for importers
Highlights
- New MD Law transitioning into force
- Reference jurisdiction route during transition
- Modernised data-protection law incoming
Aligns with
Timeline
-
Mar 2023
Ley 21.541 enacted
-
2024
Implementing regulations under consultation
Key documents
Frequently asked about Chile
Is SBOM required for medical devices in Chile?
Recommended. Encouraged via FDA / EU alignment.
What does ISP / ANID require for pre-market cybersecurity?
Reference-jurisdiction route during transition; risk-based dossier expected once implementing decrees publish.
What are the post-market cybersecurity obligations under ISP / ANID?
Tecnovigilancia reporting via ISP; CSIRT.gob.cl coordination for incidents.
What is the penalty for non-compliance with ISP / ANID cybersecurity rules?
Registration suspension, sanitary fines under Health Code.
How much of my FDA cybersecurity package is reusable in Chile?
Roughly 80% — an editorial estimate based on overlapping evidence requirements (threat model, SBOM, security risk assessment, pen-test report).