Critical Misconceptions About PMS, Vigilance, and Reporting in the Device and IVD Lifecycle

Speakers: Marta Carinelli, Julia Hoyer, Muna Kebede, and Milad Masjedic 

[Download a Practical Guide to Device & IVD Post-Market Surveillance, Vigilance & Reporting]

Index

[Download Slides]

Introduction and Overview (00:30 – 01:31) 

•  Muna Kebede introduces the session, focusing on PMS from a lifecycle perspective
•  Regulatory references are excluded from the presentation but provided in the slides

Lifecycle Approach to PMS (01:32 – 06:26) 

•  PMS has shifted from reactive reporting to a predictive, data-driven system
•  Lifecycle now spans from conception to decommissioning, requiring early planning and ongoing data use
• Continuous interaction across stakeholders and alignment with QMS are essential

Manufacturer Responsibilities and Misconceptions (06:27 – 09:07) 

• PMS obligations persist after sales stop—through the full device lifecycle
• Misconception: PMS ends at market withdrawal; regulations require ongoing oversight

Planning Pitfalls and Regulatory Feedback (09:08 – 13:56) 

• Applying a generic PMS plan across devices leads to non-conformities
• IGJ and Swissmedic found frequent issues with unclear methodologies, data sources, and responsibilities
• PMS planning must reflect device-specific risks and use cases

Core Elements of PMS Planning (13:57 – 18:49) 

• Plans must consider intended purpose, clinical benefit, performance, and state-of-the-art
• Data sources and analysis methods should be clearly defined
• A cross-functional, well-documented approach is required for compliance and improvement

Panel Discussion Highlights (19:57 – 33:08) 

• Julia Hoyer: Provide a coherent device story and clear conclusions
• Marta Carinelli: Link PMS findings to broader QMS processes, especially risk management
• Milad Masjedi: Define survey scope and methods—avoid vague commitments
• All speakers emphasized tailoring PMS by design, use, novelty, and user environment

Thresholds, Data, and Trend Analysis (33:09 – 41:57) 

• Thresholds should evolve with more data and changing standards
• Real-world use, device sales, and complaint trends must inform analysis
• Statistical methods must be justified and documented; lack of rigor leads to non-conformities

Incident Reporting and System Overload (42:27 – 52:49) 

• In case of doubt, incidents should be reported; clarification can follow
• Over-engineering PMS can burden QMS; align frequency and depth with device complexity and data
• Consider adjusting plans over time based on actual market experience

Audience Q&A Highlights (53:13 – 01:00:03) 

• Incidents outside the EU are only reportable if an FSCA is issued
• PMS obligations cease only if the manufacturer no longer exists
• Grouping devices in reports must be logical and justified to ensure traceability and clarity

Full Transcript

Muna Kebede - 0:30

Let's move forward and start directly looking at the agenda.

We will look at the PMS from a lifecycle perspective and have a short overview of the PMS system. A short disclaimer here, I will not be presenting normative and regulative references in detail or guidance documents. Those are a part of the slide deck and you will receive this after the webinar. So instead, we will dive directly into some misconceptions and look at recommendations on how to approach such cases.

So forward to the first topic, the lifecycle approach.

The evolution of the lifecycle approach in the medical device sector reflects the need for understanding the true safety and performance of the device when applied in the real world. And the need also to be able to catch potential risks before they occur, which is pivotal given the exponential growth in device technology and complexity.

Muna Kebede - 01:32

In the past 20 years in the medical device sector and also IVDR. 

Before 2010, the approach was not too different from other industry sectors.
It was focused on vigilance and reporting with minimal involvement of the risk management process. The emergence of the lifecycle approach as we know it today for devices was established by 2010 when the GHTF introduced the concept of CAPA and risk management including feedback. 

After the EU MDR kicked in, the modern approach, which is highly data-driven, was solidified and the focus on long-term and real-world evidence was introduced, and it's still growing. In addition, a predictive approach is required, and this urges us to identify serious incidents and public health threats before they occur and to do something about it. 

So this really hits home the PDCA and QMS.

Muna Kebede - 02:07

For clinical data, it had also become evident that pre-market data gathered in a controlled setting with little variability is not enough and lacks the necessary sample size, follow-up, and real-world experience.

All in all, this modern approach is not just one big challenge and a negative, but it ensures also that devices maintain a positive benefit-risk ratio and it provides manufacturers with valuable input for further developments, for example, for the next generation devices, for variations, or it might even spark up new ideation. It also provides the possibility of more flexible regulatory approaches supporting innovation. For example, also through conditional approvals, special regulatory approaches for AI devices and orphan devices will benefit from this as well.

Please note, however, that the growing emphasis on post-market data for better evidence over time does not mean that a lack of data or poor quality data in pre-market is acceptable. So this is not an argument or a way out for not fulfilling pre-market requirements.

Muna Kebede - 03:53

In summary, what does the lifecycle approach need from us all?

So as an agreement, it needs continuous interaction between all stakeholders, so not just between notified bodies, competent authorities, and manufacturers, but also those in the supply chain are now responsible for reporting complaints even stronger to legal manufacturers. It increases corporate accountability not just with manufacturers but also with notified bodies, depending on the device class involved. It has an increased demand on competence and education because manufacturers really need sufficient regulatory and clinical knowledge at hand and always available to them to remain agile because they need to react to the data quickly and implement necessary corrective actions in a timely manner.

So let's have a quick look at what is the life cycle before we go further, since this revolves around this terminology. The term is not declared as such in the EU MDR. However, in the IMRDF it is defined as covering all phases of the life of a medical device from the initial conception to final decommissioning.

So the last medical device out. Not sold, but the last medical device out.

And where do we place post-market surveillance, vigilance, and reporting in this lifecycle? In the pre-market phase, we have reporting requirements to abide by when conducting clinical investigations, which includes serious adverse events and device deficiencies.

In post-market phase, this refers to also post-market clinical follow-up studies, but it's mainly driven by serious incident reporting and also includes trend reporting.
However, the data transfer between the pre-market and the post-market is more interesting in its role, I think.

In the pre-market, the manufacturer defines in its design inputs key aspects that will then affect the type of PMS data collected, the extent of data that's collected, and it defines future reporting obligations as well depending on the risk class of the device.

Muna Kebede - 06:27

And not to forget also the first PMS plan should already be completed in the pre-market phase as it's part of the TD for submission. The PMS data can and should affect research and development, as well as design and development and manufacturing, either as research input or mainly through CAPAs and through risk management, because data from set indicators from the market can communicate the need for action to the manufacturer even before the occurrence of significantly increased rates and severity of when an expected side effect happens which should be reported.

Increased frequencies of certain complaints should then trigger investigations that may identify root causes which are embedded in the design and development or in manufacturing or even in the usability of the device which will affect an area of your technical documentation as well.

So let's dive deeper into the role of the manufacturer.

It's highlighted throughout the whole regulation as well as in the MDCG guidance documents that manufacturers play a leading role. It is in their responsibility to ensure a systematic execution whilst also ensuring compliance of documentation of all activities and processes that are described in their quality management system.

So, on paper, these are clear tasks, right?

The question remains how and how to do this effectively. Not only with respect to compliance but also with respect to resources, whether monetary or competence related or time or otherwise, how do I as a manufacturer become and stay compliant and harvest the benefits also of the gathered information for improvements and growth without at the same time overburdening my quality management system causing possibly other issues.

So let's look at a simple yet possibly fatal misconception that can impact the limits of such resources that we just talked about if it's not correctly implemented in the organization's project and quality plan. So the misconception that post-market surveillance of the device ends when we stop placing it on the market.

Muna Kebede - 9:07

The post-approval requirements in the regulation state clearly that the data needs to be gathered throughout the entire lifetime of the device.

So this brings us to looking at another definition that's quite important but not declared in the EU MDR. 

The overall lifetime of a device is the first device marketed and the last device out of the market. So this includes the shelf life of the device plus the intended lifetime, which is calculated by the expected lifetime and the uncertainty factor. And this expected lifetime, also not defined in the MDR, has a definition in the IMRDF, which is the time period specified by the manufacturer. During which the medical device is expected to maintain safe and effective use as intended. So this means it's defined in the design input phase by the manufacturer, during which you ensure that the device's intended purpose meets safety and predefined performance characteristics which are in line with the state-of-the-art expectations.

And this must be proven via pre- and post-market activities. Therefore, end of certification does not mean end of PMS activities because manufacturers are legally obliged to continue to make, for example, the PSUR available to the competent authorities upon request when the device has not yet been covered by the last PSUR.

So let's have a look at one more of the major sources of non-conformities that we have - the fact that actions in the PMS plan are generally applicable to all my devices. Despite differences in intended purpose, basic UDIDI or any changes made to the device groups.

So this means the same data sources, same methodology and general assessment plan for all my data sets can be made in the plan. And this is one of the core causes for non-compliant PMS reports as well. It has a direct relation to that leading to rejections of those records by notified bodies.

Muna Kebede - 11:41

The PMS plan is the heart of the PMS system.

This is where you not only set specific methodologies and identify sources, identify specific investigative questions that are tailored to the device and current risk and clinical knowledge, but also where you identify who will execute these specific tasks and where you identify whether you have the relevant and sufficient resources or do you need to acquire these. 

When will these tasks be executed, and in which frequency will they be executed and when will they be reviewed, because it's not the best idea to review the data only at the end of the year, as a regular meeting and review of this PMS plan and its execution will mitigate the risk of a bottleneck and any surprises that you might have at the end of the year. It will contribute to identifying risks in a timely manner. In addition, what additional information do I need for innovation, for further improvement, and just to stay ahead on the market? And this will engage your top management, surely, and you will need their support to execute a good PMS plan and to stay compliant and to have real use out of it.

So let's have a quick look at some common non-conformities that were identified this time by the competent authorities. 

In the past six months, at least two calls to manufacturers were published by competent authorities. One in October 2024 from the Dutch authority IGJ and another this month from Swiss Medic. Most of the non-conformities identified were related to post-market surveillance plan. Even those related to the report were a direct result of the missing direction and clarity in the plan. So, for example, Swiss Medic assessed 30 cases and 20 had non-conformities, 8 of which were based on the fact that the safety report was not prepared according to the PMS plan.

Muna Kebede - 13:56

The Dutch authority also similarly reported that many manufacturers did not tailor the PMS plan to the type of medical device they were marketing, and the plans were applied to multiple types of devices without any clear specification of which data they intended to collect for each type. So, in addition to that, it was identified that some manufacturers were not up to date with the lifecycle approach and that they were still equating PMS to vigilance, and the interaction with other QMS systems was not clear.

The information was not specific, and the methodologies were lacking, therefore, it was apparent that manufacturers also could not have the appropriate signals to know when and how to act to triggers that were not set in the first place. And this goes together with main pitfalls also seen In other manufacturers, which also includes the absence of benefit-risk analysis, the absence of similar device comparisons, of literature reviews, and also the absence of compliant procedures, which really drive the system, not just PMS procedures, but vigilance procedures, risk management and CAPA procedures.

And as I mentioned earlier, the plan determines the fate of the records generated.

It needs to be more comprehensive than what the MDD had allowed. It needs to consider various data sources, both reactive and also proactive data sources, and a good tool to use, a good place to start, Is the ISO TR2416. It's not only a detailed guidance for the PMS plan but also provides some examples of data sources. It provides examples of data analysis methods and also of some post-market surveillance plans depending on the type of device that is presented. So this is a good tool to have at hand.

A very important aspect relevant to the current lifecycle approach is also that PMS data is not just vigilance and customer feedback. It needs to be planned in a way that critical clinical and technical information is monitored to identify and respond to potential risks quickly. And planning therefore needs to have the following pillars in mind:

• It's important to have intended purpose in mind because the report must be able to compare the data to other devices with the same intended use.
• It's important to have clinical benefit in mind because the report must be able to identify new benefits and benefits not achieved as intended.
• It's important to have the clinical performance and safety in mind because the report must be able to support or refute these safety and performance concerns and identify new signals.
• And last but not least, the state of the art is important because the report must be able to evaluate the data according to the state of the art.

And these are not general parameters. They are specific to devices and can also differ even within the same device group depending on the model or the size. So these are very important pillars to have in mind when creating the plan. They will affect everything downstream as well. 

So in order to execute this the organization will definitely need a competence team.

 Even small organizations need some kind of a competence base that interact with each other and they have direct access to top management. You should avoid silos and also interact with external clinicians and beyond that have people in your supply chain Involved in your PMS system and this should be documented as well how they are involved and that they have agreed to be involved in your PMS system.

So remember this as a manufacturer you are not only risking non-conformities but you're missing out immensely on improvement. A lack of indicators and thresholds might mean that critical information is missed, and you won't be able to prevent potential issues which can also lead to liability. And I think the big message here all in all is that PMS is a team sport and you need to involve different people from your organization, outside of your organization, in order to really maintain a strong PMS system throughout.

Muna Kebede - 18:50

So I would like to say thank you for your attention. And I know I have promised some complimentary slides later on after the webinar, so I will not go into the regulatory parts here. So let's go directly to our panelists and have a little interesting and riveting discussion about the main details.

Thank you very much for attending Miss Julia Hoyer, Marta Carnielli, and Milad Machet.

Muna Kebede - 19:57

And we would like to kick off with the panel, I will ask each of you to please share one thing that you'd like to emphasize as being important to consider to avoid in PMS, and something that you've seen that manufacturers do continuously and repeatedly.

Just share this in short, just one core message. And I'll start with Julia.

Julia Hoyer - 20:19

Thank you very much and thank you for the slides, they are very helpful. 

One thing I have learned when I did  PMS and risk management in my former role at a manufacturer, I learned the best way to make the reader who is  is  in that notified body or a competent authority, give them the story of your device, go back to your actual device and risk assessment and give the information holistically what has happened What does happen with your device nowadays because the times are changing, what is actually the background of your device and give the reader the information so that they can confidently understand what you are trying to give them for information and be precise.

It does not mean being precise, it does not mean to be a very low text, it means rather a holistic approach for all the areas you have actually perfectly touched in your presentation, what has changed in the literature, what has changed with my device on the market, what kind of information did I get, and bring that together holistically and draw your conclusion and write it down.

Sometimes we see that the conclusion is not written down, so actually you are sitting there with all the information but you don't know now what is the action, is it no good or is it now bad, is it now, can I make my mind by myself or What is the actual information the manufacturer wants to tell me?

Julia Hoyer - 21:50

That is one of the requests:  give the reader your story and give the reader the confidence to follow through your arguments. And why is the risk profile, and why are your measures still okay, and based on all the experience you have gained so far, your device is in unsafe shape?

Multiple speakers - 22:15

Thank you.

Muna Kebede - 22:18

Wonderful, thank you very much. The red line through the story, thank you very much for that input, I absolutely agree. I'll go over to Marta now.

Marta Carinelli - 22:33

Thank you for this introduction, very good overview of post-market surveillance.

I think it's clear from the title that I'm focused on in vitro diagnostics rather than medical devices. However, we'll separate the regulation, a lot of the points in common, and some of the points raised by Julia are valid also for in vitro diagnostics. What I'd like to add to that is to see post-market surveillance as an opportunity to gather additional information on the performance and the characteristics of your device when it is in customer hands and ensure that the data that you collect, analyze and conclude is then used and fed back to your other processes such as, for example, risk management.

So the linkage between post-market surveillance and the other processes within the manufacturer quality management system is really an important point to ensure it's a collection of data, which is for sure a big effort to do and to assess, but also make the best out of it.

Muna Kebede - 23:57

Wonderful, thank you very much, Marta. 

Milad, may I give over to you?

Milad Masjedi - 24:05

Sure, thank you for your presentation as well, I hope everyone can hear me.

I fully agree with what Marta and Julia mentioned about the link between the risk and PMS. Also, what you mentioned in your presentation about what the competent authority found out about the mainly class 1 devices. We actually see very similar cases where manufacturer have many variants and  we can't really extract the data per variant. We have no idea if these complaints are about this device or about other devices. So this is just provided very generic thing. 

Something we still see quite often is we see PMS procedure, we see SOP, but we don't actually see a PMS plan. 

So clients just say, oh, we're going to conduct surveys. They don't provide us with any information. What's the details of that survey? What are the questions? Who are the cohorts? How many? What are the timelines?

So basically they provide very little information on what they're actually going to do.
They make very generic things. And that results in non-conformities. So even though they're committing to something, we don't really know what they're committing to.

Muna Kebede - 25:18

Thank you very much.

I really like that last comment.

They're committing to something, but we don't know what they're committing to.
That's something that happens and occurs often. Thank you very much, Milad.

So I would like to hand over another question, and I'll direct this to Marta now, if that's okay, and it goes a little bit more into the IVD perspective. So I'm from the medical device sector myself, so maybe this is a bit of a self-centered question, I'm not sure, but looking at the impact of the life cycle of a device, there are many non-conformities that can occur for medical devices, so I'd love to hear your perspective from an IVD device, you know from the IVDR, are there any key differences that there are between medical devices and IVDs in this respect or specific examples when IVDs Have a lifetime that really exceeds their shelf life because when you think IVD you don't really think about that in the beginning. 

So I think that would be a really interesting point of view to hear from you Marta, that would be great.

Marta Carinelli - 26:52

Of course, one of the key differences between IVD and medical devices is the concept of indirect harm. So an IVD  will not cause harm directly to a patient but an erroneous result can lead the physician to draw an incorrect conclusion and an incorrect treatment. So that's one of the differences that needs to be taken into account when establishing post-market surveillance and vigilance reporting.

The other aspect you mentioned is lifetime. Traditionally, we think of these as reagents. It's the first thing that comes to mind. Reagents come with a shelf life. So once they expire, they can no longer be used in a safe way. They cannot be used once they expire. So with the reagent part, we tend to focus more on the shelf life of that device.

But we also have instrument. Software is becoming more and more common as it is, and there the concept of lifetime can be used. For example, a manufacturer can say this instrument can be used for three years after its initial start of use, and not after that, after that, the lifetime of that specific device is finished. The device can no longer be used. But traditionally, for the majority of IVDs, we talk about shelf life.

Muna Kebede - 28:29

All right, thank you. I feel enlightened, I have to say.

So we talked a lot about the risk-based approach and the feedback that is needed as well. Is the risk-based approach to creating an adequate PMS for a specific device limited to the risk classification?

Maybe I can direct this back to you, Julia, or are other product-specific criteria, such as materials used and Intended purpose, target population, and so on, important, and do they play a key role in determining the extent of the PMS system? 

Julia Hoyer - 29:15

Yes,  you said it already in your question perfectly, it is not only the risk class of course inherent in the intended purpose and the user group, or where in the body the device is going to be used. It's within the risk class itself, and the less the risk is from the regulation, but you might have low-risk devices which you actually have newly invented. They are by themselves not the most critical devices.

But they are new to you, you as an individual manufacturer, the individual device itself, the individual design, and you may approach a new target population. So whenever something is from the profile of this product itself, it is not only the risk class itself, it is definitely, as you have said it, the actual design itself. New material,  design characteristics, and manufacturing characteristics, even, will determine your follow-up and your monitoring of your device. 

We call it usually post-market surveillance. You can also call it monitoring. I'm monitoring my device throughout the use and I'm accompanying my user groups, how they get along with my device, and how are others giving me feedback on my device, maybe I have something overlooked or it was not clear. So this is all depending on how familiar are you with the device itself. Did something change? Also, change is part of the PMS timeline. How much do I need to engage with the market and post-market on my device to understand if the devices can be safely used?

Muna Kebede - 31:18

Yeah, thank you so much.

I think this is quite an important message that is really missed. So I would love to open this question to anybody else that would like to add anything to it, or maybe from the IVD perspective, please just jump in.

Milad Masjedi - 31:37

I can add some examples if you don't mind, and sorry, Marta for jumping in. For example, my background is orthopaedics, and let's say all hip replacements are class III, but we know that about 10 years ago there was some emerging risk for metal-on-metal hip replacements. Those metal-on-metal replacements still can be used for a specific cohort but I would expect the manufacturer who do put them in the market do extra screening, maybe they do some blood analysis or something every year because we know there is a risk they need to control it and if they don't control it and monitor it there may be catastrophic results.

Again, there are people, for example, the cohort is younger children or pregnant ladies. Or you know, the older population, you do need to think about the impact, the novelty, as Julia said. If something is implantable, long-term, probably has a very different strategy to something that has got a transient use. If something is you can actually see it partially implantable, you can see it is very different maybe to something that you don't see is inside you but is fully implantable.

Milad Masjedi - 32:46

The procedures, there are lots of them. Let's say we have an epidural needle; it may be Class IIA because it's not supposed to touch the CNS, but it does happen. So maybe that accidental damage again needs to be monitored. We can't just say oh it's Class IIA so we don't need to do anything about that. So just some examples that  need to be considered.

Marta Carinelli - 33:09

Let me add the comments from the IVD side.

Of course, the risk classification is important, but it covers the intended purpose of that device. But there are other elements, also, for example, the intended use, or you may have a device that's for professional use in a hospital lab, for example, or it may be for the near-patient testing, which is always a way of professional use  , but is not in the same environment. And that needs to be taken into account, because  the user may have a different facility, may have different challenges.

Let's think about a IVD device that is for near vision testing, to be used in ambulance as an emergency test. From emergency situation, the environment and condition of use of this device would not be the same as the device that is used in a regular hospital lab. It's definitely an element - intended user and target population needs to be taken into account.

Muna Kebede - 34:38

This  brings me  to the thought that we're gathering all this information and specific information along the way and we're setting threshold values and indicators in the beginning and we're gaining more experience and information from the PMS for our risk management system and our SOTA and so on and so forth. And does the suitability of my threshold values that I said in the beginning, does that change?

Do I still have the same threshold values after  a couple of years of PMS and experience or do these threshold values become lower or tighter over time? How does that resonate with you from the Notified Bodies perspective? So, whoever wants to start, please kick off because I'd like to hear from all of you on this.

Marta Carinelli - 35:37

I think that threshold value should evolve through the life of a device. You may not have sufficient data because the device might be new, you may not have similar devices of the previous generation, so you probably need to set the threshold value pretty low.
But as you collect more information, you collect more data, you assess more data, you have more users of your device, then you need to reconsider the threshold value.
Are they appropriate?

Sometimes, we find out that we have been extremely conservative and that you can lower it, and sometimes it will be the other way around, and you will have to increase them. Definitely, there is no size fits all, but I  expect that the values, the special values, are assessed through the lifetime of the device.

Muna Kebede - 36:53

So in agreement, I see.

Milad Masjedi - 36:56

I can add, I fully agree with Marta. 

I believe these thresholds are made during the design phase and based on the risk management performed then, and then the risk value is based on the frequency that is assumed then, and also the severity. But eventually, when we have the real data that risk value changes, the severity, we actually have it based on real evidence, we know what the severities are and what the risks are. So that for sure will impact our threshold.

Then SOTA as well, obviously something that was acceptable 10 years ago, doesn't mean it's not acceptable now. Examples are thermometers that in our generation we have these mercury thermometers, but that maybe not really be used anymore because of the you know risk associated with it. Now we have all these better GUIs, better user interfaces, wired versus wireless technology, all that, some of those maybe have been accepted in the past, the risk associated with them, but now, based on the current SOTA, I wouldn't think necessarily they aren't accepted anymore.

It just needs to be considered. So these values do change. That's the point.

Muna Kebede - 38:25

Thank you, Milad, for that.

I'll stay with you on this one and go a little bit deeper into data and the level of detail that is required, for example, when you're devising a protocol for data analysis.

So we need to plan how we're going to not just collect but also analyze the data once we're there and how important is, number one, the implementation of statistical methods and application of standards like the 2416 and what major non-conformities do you encounter in this area related to the protocol for data analysis or the plan on how to analyze data?

Milad Masjedi - 39:10

Just to begin with,  we don't necessarily expect manufacturers to follow the standard 20416. It's a good standard, it's a recommendable standard, but if they don't follow it, it's not a non-conformity, we won't force them to use that standard. Level of details, such as objective and scope, data collection, responsibilities, data preparation, and statistical methods, are all important. Doing correct trend analysis, based on your complaint, handling and sales, that's important. 

Obviously, this is a requirement of Annex 3 as well to have this threshold. To have this threshold, again, you need to have some statistical analysis to clarify if these are based on your decision-making; you can't just say this is subjective decision-making, you have to have some sort of objective decision-making. We do raise non-conformities when the manufacturer states some numbers without any statistical calculation, without any justification, so that's commonly seen.

Muna Kebede - 40:27

Wonderful, thank you very much. Anybody else would like to add?

Julia Hoyer - 40:33

If you allow me, I agree with Milad's explanation.

Maybe one point, what we encountered also with the discussion with the competent authority, is that they really expect from the manufacturer, when you do the statistics on events or incidents happen in the market versus the actual devices sold on the market.
We have a discussion because the manufacturer only delivers the potential uses of a device in the market.

So this gives context, but the European competent authorities really want to see how many devices were delivered into the market, and this is where they put their threshold on or where they find themselves comparing data.

Of course, it is very necessary to understand, for example, as Milad said,  from the orthopaedic field, you have often the reusable surgical instruments, and you know that in the hospitals, they can be there for ages. And of course only because one device breaks after 10 years of use doesn't make the manufacturer or doesn't give the manufacturer the fault.

So it is very necessary to have that in mind and to bring it next to your conclusion.

Julia Hoyer - 41:58

But Europe would always ask for how many  of that particular device have been brought into the European market. And complement that data with uses you can consider based on where care is delivered.

Muna Kebede - 42:27

Going directly from data to vigilance,  I can stay with you with this Julia, there is often a struggle with the interpretation of reporting criteria specifically regarding the terminologies "might have led to" or "reasonably possible" and what can manufacturers do number one, to also remove bias in the approach of determining this and to standardize the assessment of incidents in the above mentioned aspects.

So what is reasonably possible? What can a manufacturer actually do to make sure that this is interpreted in a way that is expected by the notified body and competent authorities?

Julia Hoyer - 43:18

I also went to our team internally, we do have the vigilance team who's taking care of that and they encounter this question and discussion every day, certainly, so we align with them on how do we see that and what kind of mechanism can be used to remove bias in the MDCG guidance.

There is also  an explanation what can be seen, so how it can be seen. 

So if in a complex situation where you do not at that point in time when the reporting deadlines are approaching and you are not 100% sure if you really will revise, that can be part of it,  but you cannot exclude it. If you cannot exclude it,  in case of doubt, you have to report and  when I know or we know that is a bit of a struggle because you have 15 days  only if that is such an urgent case and then later after 30 days or whenever you find out your device has not been part of the actual root cause.

Then you still have to close the case, but give them more information.

Julia Hoyer - 4:37

There is an administrative burden, we know.

Unfortunately, still it is the case or fortunately you can see however you want to have it.
In case of doubt, still you have to report it but you can always also reach out to your notified body and clarify. But due to the amount of cases In Europe and due to the demands of the 15 days, it might be the safer way to report and then clarify again afterwards. At that point in time, I could not have known that, but now I'm sure, after the investigation, my device was not participating or was not a root cause for the event.

Marta Carinelli - 45:34

The same reasoning would apply to in vitro diagnostics, so be in doubt if you cannot exclude your device report. To the competent authority of the member state where the issue occurred, the incident occurred, and also to the notified body.

If a notified body is overseeing this device,  then if additional investigation shows later on that your device was not involved, you actually have the opportunity to file a final report where you indicate that the event is not a report from events because your device is not involved in the incident.

Muna Kebede - 46:38

Thank you very much for this very important message. I think this can be repeated. It's a common question and insecurity amongst many manufacturers.

For an overall question, I'll direct this to you, Martha. Have you seen from a Notified Body's perspective any over-engineering, for example, of the PMS system or the internal requirements?

They're either meeting their regulatory requirements, and completely overburdening their QMS or, because of this over-engineering, they are missing important aspects of their QMS and creating pitfalls for themselves. So there's a lot of discussion about how to keep your QMS and your PMS lean so that it's actually effective and not just overburdening and packed with actions and activities that you are never going to actually complete.

So please, everyone, starting with Marta, give us some input on that.

Marta Carinelli - 47:50

Thank you for the question.

I'd like to say from an IVD perspective, the IVD directive didn't go through a recast as for medical devices, so it was still being the directive published in 1998. So the concept of post-market surveillance was not covered there.

The IVDR is therefore a huge change for IVDR manufacturers. The IVDR also includes a lot of instruction on what needs to go. For example, it had to be included in the post-market surveillance plan. What is the minimum content? If you follow what is in the  IVDR, you can create a plan, but then you need to execute it, you need to assess the data,  draw conclusions on those data which is sometimes missing and as I was saying earlier on, the connection.

So it's nice to have this PSUR or PMSR report with all this data and not only the conclusion but then you have to ensure those data are transferred back to the conclusion from those data are transferred back.

To your risk management, to your capital process, to the overall design and manufacturing improvement. That's where I see the risk for post-market surveillance. It's a mandatory exercise, but we don't use the data to the extent that we could.

Muna Kebede - 49:44

Thank you very much, Marta, I appreciate it. And from our MD side, can anybody input on that as well, some experience from your side? Thank you.

Milad Masjedi - 49:59

Personally, from our side, we haven't seen a lot of manufacturers going for over-engineered ways. The only thing we commonly see is that we're raise on conformity because we sometimes just need a justification or clarification, let's say on lack of PMCF justification for that, and the manufacturer comes back and provides us with this amazing clinical investigation plan that they're going to do on 300 patients and they're never going to do, so that sort of thing.

Sometimes, they do have good data. We don't expect them to do that clinical investigation. We just need the justification because I don't want to make a conclusion on their behalf. They all want justification for them to make that decision. But they come up with this plan.

Overall, I never see this as a negative thing. So if they have over-engineered, actually that gives more competence to the manufacturer and probably I can make that recommendation for certification easier. That's my opinion.

Julia, all yours.

Julia Hoyer - 51:05

When you ask about this overall, you can have that what you actually show in your slides, Mona, what you have pointed out that sometimes you may have devices which are slow movers or very state-of-the-art devices or very conventional traditional devices where it's not so much invention or anything new, but the manufacturer, maybe out of the entire brand new MDR, had Set a very short timeline for doing their reports and so on. 

Maybe that is a good point to reconsider. Do I really need to do that like every year?
Maybe my frequency is even too tight for a device which is more or less a slow mover and I can grant myself two years instead of one year. It is as we discussed in the panel  already,  sometimes it's also good to revisit your actual PMS planning and make it more reasonable after the first year, second year, third year to the actual situation you encounter with the respective devices. For some of the devices you might need to have a shorter time and for somebody really can give a larger time in between until you make your next report. 

So this will not overburden your personnel and not overburden your system then.

Muna Kebede - 52:50

All right, I think I can safely say that we have had a very riveting discussion and thank you very much for having answers to all the questions and for joining.I will be quiet now and let Alexia do the speaking and thank you very much. Thanks a lot.

Alexia Lynch - 53:13

Thank you to the four of you, really those were  very interesting questions and  curse answers provided very enlightening so thank you so much. We do have a little bit of time left to go through some of the questions that the audience has sent. If within the audience you have more questions please go ahead and enter those now.

We will do our best to still address those questions in writing post-live session. So there are quite a number of questions  related to software as medical devices but very quickly, there was an interesting question about is it required to report an incident that happened outside of the European Union. Who can comment on that one?

Marta Carinelli - 54:17

For serious incidents, you are required to report to the member states where the incident occurred. So if it happens outside the European Union, you don't have to report it to any competent authority and not to the notified body.

The exception is if you end up issuing a field safety corrective action. In that case, you would report the field safety corrective action to the main product user, to actually all the member states where this particular device is sold, and also to your modified body.

Alexia Lynch - 55:00

Okay, thank you so much for the clarification there, Marta. Another question that we have is, “Do PMS requirements still apply to a manufacturer if they cease to trade as a legal medical device manufacturer, for example, after voluntary withdrawal from medical devices or from bankruptcy, etc.?” Who wants to go ahead first?

Julia, you're unmuted, I will call on you.

Julia Hoyer - 55:30

Thank you.

So if the manufacturer no longer exists, nobody can take over this job. So by the mechanism, this will fall back to the competent authorities, surveyors of those products. Because no one can be grabbed anymore and if that company is out of business as a registered trade company, then there is no one to grab. So this is the following mechanism to the competent authorities.

Alexia Lynch - 56:07

Moving forward, for the PMS plan, do you recommend to group based on basic UDIDI or similar intended purpose? Milad, do you want to go ahead with that one?

Milad Masjedi - 56:19

Sure, the guidance doesn't really provide that much information. 

In SGS we have our own guidance that we provided to our manufacturers. We do say it's either based on MDA MDN code plus same intended use or can be based on  I  if it's based on if it's used in the same procedure. So, for example, let's say a hip implant can be grouped together with some of the instruments, a reamer that can be used together with it for that procedure, whereas the hip implant can't be submitted together with shoulder implant because there are different intended purposes.

So just because they're the same MDA-MDN code doesn't mean that you can group it and also just because you know there are different MDA-MDN codes doesn't mean that you can't group it but at least this is only for SGS side.

I'd like to see actually what TÜV does.

Alexia Lynch - 57:13

Julia, do you want to step in to give us a bit of the TÜV SUD perspective or Marta?

Julia Hoyer - 57:25

Yeah, of course, so there is flexibility in that, certainly, then also for the PSURs, the guidance talks about reading devices.

What we encountered is that there is not always one-fits-all mechanism, but what we encountered is that when there are too many devices covered in world record, it makes it very hard to go through all of that and to redefine the answers you are looking for.
So it is a good approach to either have it in the system,  a system approach, typically in the therapeutic language that considers not only the implants but also the instruments.

If there's a too high a volume and then the pages going on and going on and going on, it will be very difficult for the notified body to find the answers they're actually looking for, for the high-risk devices  where they need to come in every year and maybe for
the lowest devices he never needs to come in.

That is a very good point where we need to find all our way through the years what is a reasonable approach, what is too much to budensome, but you can definitely go by the basic UDIDI, you can also bundle that, it is also very helpful as Milad has explained it, So it is a bit of an individual thing, but it is from our point of view not necessary to have for each and every device, of course, a report, which the It creates a lot of paper and on the other hand, if you bundle too much, it will be too inconsistent in the entire document and errors and inconsistency will appear and the reviewer will not find the answers they're looking for.

So that is also the other side of the extreme. I think we need to see how it's all going through the years and with more experience we know what is the best practice.

Alexia Lynch - 59:37

Perfect, thank you so much. Marta, any further comments just from an IVD standpoint?

Marta Carinelli - 59:47

I would say the same when applying for IVD. You have flexibility, and it's your device. You know it best, so decide on the approach and explain the approach to your notified body. 

Alexia Lynch - 01:00:03

With this, we will wrap up. We have reached time. We do have a number of questions that are left unaddressed once more to the audience. We will make sure that we provide answers, but in written form, those will come to you in the next few days.