What Do You Need to Comply with the EU MDR Postmarket Requirements?
The deadline for the official implementation of the EU Medical Device Regulation (MDR) is approaching. By May 2020, your medical device organization must be in compliance with many new requirements for your product throughout its life cycle. With this increased focus on the total product life cycle comes an expanded suite of regulations for postmarket surveillance you must be in compliance with. There is a lot to unpack in this aspect of EU MDR, but there are some major compliance areas your organization should be putting in place now.
1. An established surveillance system
As part of your overall quality system, the EU MDR requires medical device manufacturers to have an established system in place for postmarket surveillance. It must be proportionate and appropriate to the risk class of the device. This system is primarily concerned with the aggregation of postmarket data related to product safety, quality, and performance, in addition to carrying out preventive or corrective action as necessary.
Subsequently, all results of the postmarket activities that fall under this system must be entered into the appropriate technical documentation. When necessary, EU regulators and other notified bodies will review this documentation to ensure accuracy and proper adherence to the EU MDR requirements.
2. A postmarket surveillance plan
Your postmarket surveillance plan—along with the rest of the items in this list—fits into your surveillance system. It is considered part of your technical documentation, unless your device is custom-made. According to Annex III of the EU MDR regulations, the plan must include information relating to:
- Incidents and field safety corrective actions (serious or nonserious)
- Trend reporting data
- Feedback and complaints
- Publicly available information about equivalent or similar products
Along with this information, the EU MDR requires the plan to cover the processes and procedures used to enact and maintain the plan. Risk management activities are likewise expected to be performed as part of the plan.
3. Reporting processes & protocols
Beyond having your postmarket surveillance plan available to EU regulators, you also need to prepare and submit certain reports on a regular basis. Any manufacturer of devices in classes IIa, IIb, and III are required to submit what is known as a periodic safety update report (PSUR). This report must be submitted for each device the manufacturer has marketed in the EU, as well as each device category or group where relevant. The PSUR must contain summaries of results and analyses of postmarket surveillance data in accordance with your plan.
The EU MDR regulation additionally lays out specific requirements for “vigilance” in postmarket surveillance. Any serious incidents and field safety corrective actions must be reported and assessed for severity, causation, and resolution. Incidents are also required to be submitted to trend reporting and analysis, to identify statistically significant issues with device operation and use that need to be corrected.
4. A Postmarket Clinical Follow-Up plan
The last major thing your organization needs when coming into compliance with the EU MDR postmarket surveillance requirements is a postmarket clinical follow-up (PMCF) plan. The PMCF is intended as a living plan, so to speak, that is continuously updated and adjusted as necessary. When the plan is enacted, the manufacturer must “proactively collect and evaluate clinical data…with the aim of confirming [device] safety and performance throughout the expected lifetime,” according to Annex XIV, Part B of the regulation.
The postmarket requirements of the EU MDR get much more granular than this brief overview. However, these highlighted areas of concern are essential, high-level items your medical device organization must have in place when submitting to the European market. Incorporating them won’t be easy, but having the right tools and planning in place can make the transition much simpler.
About Nick Schofield
Nick Schofield is a content creator for Cognition Corporation. A graduate of the University of Massachusetts Lowell, he has written for newspapers, the IT industry, and cybersecurity firms. In his spare time, he is writing, hanging out with his girlfriend and his cats, or geeking out over craft beer. He can be reached at firstname.lastname@example.org.