Post-market surveillance (PMS) is the central aspect of MDR compliance. It gives the device manufacturer a structured way to monitor device safety and performance in real-world use throughout the device lifecycle. The device manufacturer can then use the evidence to:
- update risk management,
- clinical evaluation,
- technical documentation, and
- CE marking status
Reporting and Monitoring PMS Plans
Under the MDR, every device must have a documented PMS plan. The PMS plan should define how data will be collected, analyzed, and acted upon for that specific product, in proportion to its risk class and intended use.
A strong PMS plan usually includes data sources such as:
- complaints,
- serious incidents,
- field safety corrective actions,
- literature,
- registries,
- user feedback, and
- post-market clinical follow-up (PMCF)
A PMS plan should outline timelines, responsibilities, and decision criteria for vigilance reporting.
To ensure robust device vigilance, manufacturers need clear processes that align with the MDR and national guidance (e.g., MHRA vigilance requirements in the UK). The processes are for identifying, investigating, and reporting serious incidents to competent authorities and notified bodies.
CAPA and Risk Management Integration
Data collection is not the endpoint of an MDR-compliant PMS system. PMS signals and vigilance insights must be entered directly into CAPA systems and the risk management file. As per the medical device regulation (MDR), a PMS output must improve the benefit–risk profile, update risk controls, and trigger preventive or corrective actions when performance drifts or new hazards emerge.
In practice, this means linking PMS reviews to your CAPA process:
- trends analysis drives root cause investigations,
- CAPAs are documented and implemented, and
- effectiveness of each action is evaluated in subsequent PMS cycles
This closed loop is essential for demonstrating that post-market information is actively used to improve device safety and performance, rather than just archived.
Audit-Ready Documentation
MDR Annex III requires that the PMS activities be fully documented in technical documentation and kept ready for review by notified bodies and authorities. For class I devices, manufacturers prepare a PMS report summarising findings plus any resulting actions. For higher-risk devices, they must produce a Periodic Safety Update Report (PSUR) at defined intervals, integrating PMS data, benefit–risk evaluation, sales volumes and any CAPA or FSCA taken.
Audit-ready PMS documentation should show: a current PMS plan; documented data collection and analysis; vigilance reports; CAPA records; PMCF plans and results where applicable; and the latest PMS report or PSUR. All of this must correspond to the device’s risk management file and clinical evaluation to present a coherent safety narrative to regulators.
MDR Compliance Checklist
To build a PMS system that supports MDR compliance and CE marking, manufacturers should ensure they can answer ‘yes’ to at least these questions:
- Is there a device-specific PMS plan that is proportionate to risk class and clearly implemented?
- Are medical device vigilance processes defined, trained, and consistently followed?
- Does PMS output routinely update risk management, clinical evaluation, IFU, and CAPA systems?
- Are PMS reports or PSURs prepared at the correct frequency and integrated into technical documentation?
- Can you demonstrate in audits that the PMS data is actively used to maintain device safety and performance and to support continuous CE marking?
As a regulatory service provider aiming at compliance from all the perspectives, Vigilare BP prefers the device manufacturers should say yes to all the above points. If not, we are here to walk them through the markets, compliance and regulatory procedures, audits, and document preparation for the submission.