Post-Market Surveillance for Medical Devices: Regulations and Plan Requirements

Igal Zeifman | 17/10/2022

What Is Post-Market Surveillance (PMS) for Medical Devices?

Post-Market Surveillance (PMS) is the process of monitoring a medical device when already in the market and in use. While medical devices are released to the market after already undergoing some kind of clinical testing, real-world data from the actual use of the device can provide critical information about its safety and effectiveness.

PMS is part of an effort by regulatory authorities to monitor and ensure the safety of drugs and medical devices. Regulators around the world are shifting their focus from pre-market to post-market regulation of medical devices, with the understanding that PMS can provide a more realistic picture of device effectiveness and adverse effects.

PMS collects data about performance, quality, and safety from more patients than were initially tested, and over a longer period of time. This data can have two important impacts on the manufacturer of a new medical device:

  • Update the risk/benefit ratio for the device based on field data.
  • Make changes to the device to improve its effectiveness, address concerns, or respond to incidents discovered in the field.

The data can be collected in several ways:

  • Internal vigilance is an effort by the device manufacturer to collect and analyze post-market customer complaints, failures, or reports of adverse events such as safety incidents. This includes collecting data on related, competing devices offered on the market.
  • External vigilance might be performed by medical device regulators in territories where the device is offered. Typically, the authorities maintain a database of medical device reports and compare this data to sales figures to identify the risk/benefit ratio of the device.
  • Medical literature can provide additional information about the effectiveness of medical devices, and is especially important to identify off-label use (use of the device for indications or patient groups for which it was not intended or approved).

Why Is Post-Market Surveillance Important?

Post-market surveillance provides additional information about a medical device and the medical condition it is designed to treat. It also makes it possible to compare a device to other devices on the market.

For device manufacturers, this information is extremely valuable and can be used to inform marketing and pricing strategies, product upgrades, new releases, and updates to clinical characteristics. More importantly, PMS can help manufacturers identify and address critical issues affecting the safety or efficacy of a device.

For medical practitioners and health care providers, post-market surveillance data provides information about the use of the device in patient populations. These often vary from initial clinical data, and the data provides insight about use of the device in a variety of conditions and over a longer time frame. This data helps clinicians make better patient treatment decisions, and can help healthcare providers evaluate their investments.

For regulators, post-market surveillance helps identify whether the safety, efficacy and cost-effectiveness of a device aligns with the results of the initial clinical data. This is crucial because it provides real-life evidence that the device provides benefits for patients and validates its risk-benefit ratio.

What Is Post-Market Clinical Follow-up (PMS vs. PMCF)

PMCF is a study that is sometimes carried out in addition to PMS. It is an effort to systematically gather clinical data on the usage of medical devices and their outcomes, to validate that the device is used appropriately and that its benefits and risks are well known.

What does a PMCF study include?

A PMCF is a clinical study that should have clear objectives, a scientifically-backed research design and rationale, and should perform appropriate statistical analysis and interpretation of the data it collects. It is expected to be more complex, and take more time, than other forms of PMS, but can also provide more accurate and in-depth findings.

Which devices require PMCF?

The European Union MDR provides a series of criteria specifying when PMCF is needed. The guidelines state that PMCF is important for a device that uses novel technology; has high product-related risk; is used in high-risk anatomical locations; is used on high-risk populations; is intended to treat a severe disease; has open questions in terms of long-term safety or efficacy; or is planned to be used in under-studied populations which react differently to the treatment. In addition, the MDR suggests using PMCF when a device is exposed to a larger or more heterogeneous population.

How to Perform Post-Market Surveillance: Step by Step

Post-Market Surveillance Plan

A PMS plan should define what data needs to be collected to analyze the effectiveness and adverse effects of the device, and how to use it to investigate and resolve issues. It should include:

  • Detailed process for collecting and assessing data
  • Indicators and thresholds for the risk/benefit assessment
  • Methods for receiving feedback and complaints from users, distributors, or importers
  • Procedures to be used for corrective action
  • Tools to identify the device(s) for which a corrective action is needed

Primary PMS Regulation Requirements

The key regulatory requirements for post-market surveillance are:

US FDA 21 CFR Part 822

PMS requirements in the US were originally determined by the 522 Post-Market Surveillance Studies Program, established within the US Food and Drug Administration (FDA).

Today, the main requirements for post-market regulation in the United States are determined by the Code of Federal Regulations (CFR), Title 21, Part 822. Below is a brief summary of the requirements:

Which devices are covered?

FDA requirements for post-market surveillance apply to Class II (intermediate risk devices, such as infusion pumps) and Class III devices (high risk devices, such as pacemakers), which meet at least one of the following criteria:

  1. If the equipment malfunctions it can have serious adverse health effects.
  2. The equipment is designed to be implanted in the human body for more than one year.
  3. The equipment is life-sustaining (supporting the continuation of a bodily function important to human life), and intended for use outside a medical facility.

When can the FDA require PMS?

In some cases, the FDA can require PMS as a response to adverse event reports related to a medical device, with the aim of evaluating the safety and efficacy of the device. In other cases, the FDA can require PMS for devices that had limited premarket testing, or to obtain additional information about device performance in actual clinical practice.

What are manufacturers required to do?

The FDA issues post-market surveillance orders, requiring manufacturers to submit a PMS plan. The plan should explain how the manufacturer plans to perform PMS to meet regulatory requirements. Here are common elements of a PMS plan:

  • Equipment background, regulatory history, and approved medical indications.
  • PMS study design, objectives, and hypothesis.
  • Patient population, with inclusion and exclusion criteria and sample size.
  • Primary and secondary endpoints (expected outcomes of the study), with success criteria and expected adverse events.
  • Follow-up plans and evaluation procedures
  • Data collection forms, procedures
  • Statistical analysis guidelines and data analysis procedures
  • Milestones and reporting schedule for interim and final reports

MedWatch Product Safety Reporting Program

MedWatch is the FDA’s medical product safety reporting program for healthcare professionals, patients, and consumers. It allows medical practitioners who prescribe or dispense medical devices, and patients who use them, to report serious problems with these devices. These reports and follow-up investigations help identify critical safety issues.

MedWatch reports are raw data, which cannot on their own show a causal relationship between use of a medical device and adverse effects. However, MedWatch reports can trigger a requirement for post-market surveillance to collect more data, or in some cases will lead to additional clinical data.

EU Medical Device Regulation (MDR)

In the European Union (EU), the primary regulation that specifies requirements for PMS is the Medical Device Regulation (MDR), also known as EU 2017/745. The regulation requires medical device manufacturers to submit a PMS plan as part of their technical documentation.

Depending on the device class, the MDR might require a manufacturer to produce a post-market surveillance report (PMSR) or a periodic safety update report (PSUR). These reports typically include information about serious and non-serious incidents related to the device, available data on side effects, feedback or complaints from users, distributors, or importers of the device, and information about similar devices available on the market.

Which devices require a post-market surveillance report (PMSR)?

A PMSR is needed for:

  • Devices defined as Class I under the MDR (low-risk devices, such as non-electric wheelchairs).
  • Devices defined as Class A under the in-vitro diagnostic regulation (IVDR) (low patient health and public health risk).
  • Devices defined as Class B under the IVDR (moderate patient risk and/or low public health risk).

In a PMSR, the device manufacturer should present data gathered in post-market surveillance, results and conclusions, as well as corrective and preventive actions taken and their rationale.

Which devices require a periodic safety update report (PSUR)?

A PSUR is needed for:

  • Devices classified by the MDR as Class IIa (medium risk), Class IIb (medium to high risk) and Class III (high risk).
  • Devices classified under the IVDR as Class C (high patient risk and/or moderate public health risk) or Class D (high patient risk and high public health risk).

A PSUR is similar to a PMSR, but has additional requirements. It must include an update of the benefit/risk ratio, a post-market clinical or performance follow-up, details of sales volume, user population characteristics, and usage frequency.

Structure of PMS and PSUR

The details of PMS/PSUR plans are defined in Annex III of the MDR. These plans should include:

  • A process for proactively collecting information, including user feedback and incident reports.
  • Methods for analyzing the collected data
  • Threshold values for risk-benefit ratio and methods for risk management
  • Communication protocols for transferring data to authorities, users, and other relevant parties.
  • Assessment of collected results, recommendations and action items
  • Methodology for investigating complaints and reports from the field, including ways to identify devices for which corrective actions are needed, or defective products in case of a recall.
  • Description of how the manufacturer intends to fulfill their obligations for a PMS system, PMS, and PSUR if required.

6 Key Considerations for Post-Market Surveillance of Medical Devices

When building a PMS strategy for a medical device, manufacturers should consider the following key aspects:

  1. Pre-market surveillance—data from the development process can provide early warnings about potential safety issues, and help develop the risk profile of the device. An important part of early input is to identify issues in advance, using testing tools that profile the device for quality and security gaps before it is sent to market.
  2. Proactive PMS—this involves any activity meant to anticipate and mitigate adverse events before they occur, post deployment. To be effective, proactive PMS relies on the ability to collect live data from devices deployed in the field, and detect issues early, before they escalate into adverse events. Keep in mind that ISO 13485 (Quality Management Systems for Medical Devices), which applies to almost all medical devices on the market, requires “early warning” of adverse events, which requires proactive PMS.
  3. Reactive PMS—many PMS activities occur in response to events. These might be complaints from patients or medical practitioners, or more severe events known as “vigilance”, which involve serious injury or death. Reactive PMS is important, but not sufficient to fully meet regulatory requirements. It must be combined with proactive, early warning about issues discovered in the field.
  4. Documentation—formal documentation for a PMS program should include a description of data sources and methodology for analysis, how to receive complaints and reports on adverse effects, the risk analysis model, details of corrective action taken, communication procedures, and methods of tracing issues in specific devices. In the EU, devices require a formal report known as PMSR or PSUR. More details about the structure of these reports can be found in the EU MDR section above.
  5. New devices—for new technology, or devices in emerging markets, there will be limited knowledge about patient populations, the complexity of the relevant medical conditions, and interaction with device use. This may result in under (or over) estimation of risks. To compensate for this, the manufacturer should plan for an active monitoring program to detect unexpected problems or safety issues. In many cases, post-market clinical follow-up (PMCF) will be needed to characterize the appropriate clinical use of the device.
  6. Medical literature—for devices in an established market, where experience has been gathered with similar devices, literature can provide some aspects of post-market clinical evaluation. Literature about similar devices in the market can give manufacturers valuable data about patient populations, comorbidities (other medical conditions experienced by the same patients), and the possible effects of device use.

Main Technical Challenges

PMS has been one of the medical product industry’s most difficult and expensive aspects for several years. This difficulty is due to the high volume of transactions and manual tasks such as handling complaints, tracking product quality, and monitoring patient safety.

Frequently changing regulatory requirements such as the IVDR and EU MDR, together with the impact of the FDA, add to this burden. Here are two key technical factors that complicate the PMS process and increase the likelihood of post-pandemic surveillance audits by regulatory bodies:

Data Collection and Management

Many medical device manufacturers still rely on manual spreadsheets and in-house databases that raise security concerns and often increase the risk of errors in transcriptions, formulas, filtering, etc. These delay the company’s adverse event report submission schedule and create operational inefficiencies that ripple throughout the entire submission process.

On the other end of the spectrum, some companies invest heavily in highly customized on-premise solutions, making it difficult to upgrade, adapt to new regulatory requirements, and maintain a product’s validated state. Ultimately, such solutions become unusable over time, even after heavy investment in their maintenance.

Moreover, each of the above approaches often results in multiple data collection methods being deployed by the same company, with different data management techniques applied by different teams for different device types. This results in a chaotic situation, preventing manufacturers from having a single source of truth, uniform process and standardized format that can be applied across all product offerings.

Lack of In-field Visibility

Many organizations face technical challenges that prevent them from collecting granular device-level data from devices in the field. For connected devices, real time visibility is a missed opportunity – one that could have been leveraged for preemptive issue detection.

When it comes to isolated/gated devices, providing any kind of visibility becomes a challenge, and yet that data is still needed to address PMS requirements.

Medical device companies often address this situation with DIY solutions. According to a media report, one healthcare organization spends $500,000 per month on additional resources to handle growing transaction volumes. However, even such solutions fail to provide granular visibility into user interactions with the device and specifics like temperature level, resource utilization and security events. Meanwhile, an issue in any of these could endanger the patient, lead to a recall, or worse.

Improving product quality and adapting to changing regulations therefore requires a new technical approach to post-market surveillance. This makes the case for innovative solutions that streamline the entire end-to-end PMS process and enable device manufacturers to achieve dramatic improvements while controlling operating costs.

How We Can Help

Post market surveillance raises many requirements for medical devices, most prominently the need to collect and manage data from devices, and the need for visibility into anomalies occurring in the field. Existing technological tools do not provide this capability out of the box, and manufacturers are scrambling to build home-grown solutions.

Sternum is a security and analytics platform for IoT, proven for use with medical devices. Embedded in the device itself, it provides deterministic security with runtime protection against known and unknown threats, coupled with observability features that granularly monitor and log all of the device functions.

Sternum operates at the bytecode level, making it universally compatible with any IoT device or operating system, including RTOS, Linux, OpenWrt, Zephyr, Micrium, and FreeRTOS. It also has a low overhead of only 1-3%, which makes it a great fit even for the most resource-restricted legacy devices.

Below is a list of some of Sternum's features for post-market observability:

  • Granular flexibility – Sternum can be used to collect any type of data, no matter how granular (e.g., user interactions, error logs, connectivity and battery data, temperature information, crash reports and more). The monitoring strategy can be easily configured to your needs, reducing noise and offering a clear view of the things that matter most.
  • Live in-field insights – As long as the device is connected, Sternum sends a continuous live data stream to the cloud. This offers live access to detailed device-level information, enabling rapid error detection, remote debugging, and other mission-critical tasks for devices in the field.
  • Monitoring of isolated devices – The platform is also built to support devices with intermittent connectivity, whether fully connected, gateway connected, etc. To address these deployment scenarios, Sternum can double as a proxy, storing data until a connection is established.
  • AI-based anomaly detection – Sternum leverages AI to learn the specifics of each device and detect unwanted deviations from its typical behavior. For example, Sternum can detect unusual communications, an abnormal number of events, an atypical combination of event values, sequence violations, and security issues like DDoS.
  • Detailed incident reports – For each alert, customizable investigation views provide a visual chronology of the incident, offering additional context and streamlining root cause analysis. Furthermore, this information can be used for CAPA and Customer Complaint investigations.
  • Centralized fleet management – The Sternum dashboard allows you to streamline large deployments and easily track device inventory, helping you manage device profiles and operations, surface fleet-wide security issues, and analyze trends for product innovation.
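Two of the detection ideas in the list above, an abnormal number of events and sequence violations, can be shown in plain code without any learned model. The following is an added example and not Sternum's code: it parses a constructed device event log, builds a count baseline from earlier time windows (mean plus k standard deviations, a simple statistical stand-in for the learned baseline the text describes) and flags later windows that exceed it, and it checks each event transition against a small table of allowed transitions for a hypothetical infusion-pump session state machine. The device id, event names, window numbering and allowed-transition table are all constructed.

```python
"""Added example: count-based anomaly detection and sequence-violation
detection over a constructed device event log. Not Sternum's code; the state
machine, event names and log lines are hypothetical."""
import statistics
from collections import Counter

# Allowed transitions for a hypothetical therapy-session state machine:
# a dose must only be delivered inside a started session, for instance.
ALLOWED = {
    "boot": {"self_test"},
    "self_test": {"idle", "fault"},
    "idle": {"session_start", "shutdown"},
    "session_start": {"dose"},
    "dose": {"dose", "session_end"},
    "session_end": {"idle"},
    "fault": {"shutdown"},
    "shutdown": set(),
}

# Constructed log lines: "<window> <device_id> <event>". Windows 1-3 are
# normal sessions; window 4 shows a burst of doses with no session_start.
LOG = """\
1 dev-01 boot
1 dev-01 self_test
1 dev-01 idle
1 dev-01 session_start
1 dev-01 dose
1 dev-01 session_end
1 dev-01 idle
2 dev-01 session_start
2 dev-01 dose
2 dev-01 dose
2 dev-01 session_end
2 dev-01 idle
3 dev-01 session_start
3 dev-01 dose
3 dev-01 session_end
3 dev-01 idle
""" + "".join("4 dev-01 dose\n" for _ in range(12))


def parse(log_text):
    """Turn the text log into (window, device_id, event) tuples."""
    events = []
    for line in log_text.splitlines():
        window, device, event = line.split()
        events.append((int(window), device, event))
    return events


def sequence_violations(events):
    """Return (index, previous_event, event) for every transition not in ALLOWED."""
    violations = []
    prev = None
    for i, (_, _, ev) in enumerate(events):
        if prev is not None and ev not in ALLOWED.get(prev, set()):
            violations.append((i, prev, ev))
        prev = ev
    return violations


def count_anomalies(events, baseline_windows, k=3.0):
    """Flag windows (outside the baseline) whose event count exceeds
    mean + k * population stdev of the baseline windows' counts."""
    counts = Counter(w for (w, _, _) in events)
    base = [counts.get(w, 0) for w in baseline_windows]
    threshold = statistics.mean(base) + k * statistics.pstdev(base)
    return sorted(w for w, c in counts.items() if w not in baseline_windows and c > threshold)


if __name__ == "__main__":
    evs = parse(LOG)
    print("sequence violations:", sequence_violations(evs))
    print("windows with abnormal event counts:", count_anomalies(evs, [1, 2, 3]))
```

On the constructed log the sequence check reports a single violation, the first `dose` in window 4 following `idle` without a `session_start`, and the count check flags window 4 because its 12 events are well above the baseline of roughly 5 events per window. Both checks run on the device's own event stream, so they work the same whether the data is streamed live or uploaded later from an intermittently connected device.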

Key features of Sternum for post-market security requirements:

  • Agentless security – On-device security integrates directly into the firmware, making it a part of the core build. This ensures that the solution cannot be externally compromised and leveraged as a point of failure.
  • Automatic mitigation of known and zero-day threats – Sternum prevents 96.5% of attacks in benchmark (RIPE) security tests. Its vulnerability-agnostic approach makes it equally effective in dealing with known and zero-day threats. This not only improves security but can also cut security patch management costs by as much as 60%.
  • Supply chain protection – The solution relies on binary instrumentation, making it able to protect all running code. This extends to 3rd party and operating system libraries, effectively preventing all supply chain exploit attempts.
  • Protection of isolated devices – Sternum’s security solution does not rely on external communication to secure devices, making it equally effective for connected and isolated devices.
  • Streamlined compliance – helps meet the latest cyber regulations for IoT devices (IEC 62443, FDA, NIST, etc.) and the most current FBI recommendations for Internet of Medical Things (IoMT) endpoint protection.

Disclaimer

The information provided in this article is meant purely for an educational discussion and contains only general information about legal, commercial and other matters. It is not legal advice and should not be treated as such. You must not rely on the information in this article as an alternative to advice from your professional legal, compliance or regulatory services provider.

This article also contains links to other third-party websites. Such links are only for the convenience of the reader, user or browser; we do not recommend or endorse the contents of any third-party sites.
