The Crosswalk

    SES

    Flag of UkraineUkraine — SES

    MandatoryLast updated · 2024Verified · 2026-05-28

    Technical Regulation on Medical Devices (Resolution 753) — MDR-aligned

    Authority

    State Service of Ukraine on Medicines and Drug Control

    Enforced

    2013 (Resolution 753), revised 2023

    Legal framework

    Technical Regulation on Medical Devices (CMU Resolution 753), aligned with EU MDR via the EU–Ukraine Association Agreement; NIS2-style obligations being transposed under EU candidate-status reforms.

    FDA package reuse

    ~70%

    Scope

    Medical devices placed on the Ukrainian market via national TR753 conformity assessment, performed by designated bodies. Connected devices fall under SSSCIP critical-infrastructure rules where deployed in hospitals.

    Pre-market

    Essential safety and performance requirements mirror MDR Annex I; software safety implicit. Technical file plus risk management (ISO 14971) and software lifecycle (IEC 62304) accepted.

    Post-market

    Vigilance reporting to SES; serious incidents within 15 days. SSSCIP coordinates cyber-incident response for hospital-deployed devices.

    SBOM

    Recommended

    Not statutorily required; expected by designated bodies for connected devices in line with MDR practice.

    Vulnerability disclosure

    SSSCIP CERT-UA coordination; ENISA-style framework being adopted under EU accession reforms.

    Penalty

    Withdrawal from market, administrative fines under TR753.

    Unique requirements

    • 01Ukrainian Authorised Representative for non-resident manufacturers
    • 02Wartime SSSCIP cyber notifications for hospital-deployed connected devices

    Highlights

    • MDR-aligned essential requirements
    • ACAA pathway in progress for direct CE recognition
    • Designated bodies perform conformity assessment

    Aligns with

    EU MDR IEC 62304 ISO 14971 ISO 13485

    Timeline

    1. 2013

      CMU Resolution 753 adopted (TR on medical devices)

    2. 2023

      TR753 revisions to further align with EU MDR

    3. Ongoing

      ACAA pathway to direct EU CE recognition under negotiation

    Key documents

    Related markets

    Frequently asked about Ukraine

    Is SBOM required for medical devices in Ukraine?

    Recommended. Not statutorily required; expected by designated bodies for connected devices in line with MDR practice.

    What does SES require for pre-market cybersecurity?

    Essential safety and performance requirements mirror MDR Annex I; software safety implicit. Technical file plus risk management (ISO 14971) and software lifecycle (IEC 62304) accepted.

    What are the post-market cybersecurity obligations under SES?

    Vigilance reporting to SES; serious incidents within 15 days. SSSCIP coordinates cyber-incident response for hospital-deployed devices.

    What is the penalty for non-compliance with SES cybersecurity rules?

    Withdrawal from market, administrative fines under TR753.

    How much of my FDA cybersecurity package is reusable in Ukraine?

    Roughly 70% — an editorial estimate based on overlapping evidence requirements (threat model, SBOM, security risk assessment, pen-test report).