Under EU MDR, Post-Market Surveillance (PMS) has shifted from a procedural requirement to a core regulatory control mechanism. Auditors increasingly treat PMS as a live system that demonstrates whether a manufacturer understands and controls real-world device performance.
Despite this, many organizations continue to operate PMS as a document-driven, retrospective activity. The result is a recurring gap between what auditors expect to see and what companies actually present during conformity assessments.
From an audit perspective, PMS is not about whether a plan exists. It is about whether the manufacturer can demonstrate ongoing awareness of device performance and emerging risks in the field.
Auditors typically look for evidence that PMS data is actively collected, assessed, and fed back into the quality system — particularly into risk management, clinical evaluation, and CAPA.
Auditor focus: Can the organization show that post-market data meaningfully influences decisions, or does it merely satisfy reporting obligations?
In practice, PMS is often reduced to periodic compilation of complaints, literature reviews, and vigilance data to support annual reports.
Data is collected, summarized, and archived — but rarely analyzed in a way that challenges existing risk assumptions or triggers proactive system updates.
This creates a compliance illusion: documentation appears complete, yet the system lacks responsiveness.
One of the most frequent audit observations relates to weak linkage between PMS outputs and the risk management file.
Manufacturers often state that PMS is reviewed, but cannot clearly demonstrate how specific post-market signals resulted in risk reassessment, updated controls, or justification for maintaining existing risk ratings.
When PMS does not visibly influence risk management, auditors interpret this as a systemic weakness rather than a documentation gap.
EU MDR expects PMS to function as a living system — continuously active, proportionate to device risk, and responsive to new information.
Many organizations, however, still treat PMS as an annual reporting exercise aligned to audit timelines rather than operational reality.
This timing-driven approach becomes evident during audits when teams struggle to explain how post-market trends were identified, escalated, and acted upon between reporting cycles.
Another common challenge is unclear ownership of PMS activities across functions.
While Quality may compile PMS reports, inputs often originate from Regulatory, Clinical, Service, or Commercial teams — without a clear governance model for integration and decision-making.
Auditors increasingly probe how these interfaces are managed and whether responsibilities are clearly defined and exercised.
When PMS systems are passive or poorly integrated, audit findings tend to focus on lack of effectiveness rather than missing elements.
These findings are difficult to close quickly because they reflect systemic behavior, not isolated omissions.
Organizations that address PMS as an operational system rather than a reporting obligation experience fewer repeat observations and smoother surveillance audits.
NeubiQ supports medical device manufacturers in aligning post-market surveillance with EU MDR expectations, ensuring PMS outputs actively drive risk, CAPA, and regulatory decision-making.
Request a PMS Readiness Discussion