With the post-market surveillance plan, manufacturers are trying to achieve two (potentially) contradictory goals. On the one hand, they have to comply with the legal requirements and maximize the safety of their devices. And on the other, they can only take on as much work as they can realistically do in the long term.
But can this balancing act succeed? Does ISO 20416 help at all?
Find out what the 7 most common mistakes that medical device manufacturers should avoid are. Particularly because even now they regularly lead to problems in audits.
Before you read any further, you should make sure you are familiar with the objectives of post-market surveillance and the post-market surveillance plan.
Post-market surveillance is a systematic device-specific process carried out with the aims of:
Conclusion: During the post-market surveillance process, manufacturers should look for information that will help them maintain or even improve the safety and performance of their medical device.
Read more on the basic principles of the PMS process. This article will also help you better understand the difference between vigilance and the post-market clinical follow-up.
The post-market surveillance plan (PMS plan) is used – as the name suggests – to plan post-market surveillance activities. It must therefore define, on a device-specific level:
Conclusion: The aim of the post-market surveillance plan is to make sure that everyone involved knows what they need to do, when, and how in order to achieve the post-market surveillance objectives: the safety of the devices and therefore of the patients, and ensuring the company’s compliance with all the regulations.
The MDR establishes the requirements for the post-market surveillance plan in Article 84 and Annex III Section 1.
Article 84 of the MDR states:
The post-market surveillance system referred to in Article 83 shall be based on a post-market surveillance plan, the requirements for which are set out in Section 1.1 of Annex III...
In paragraph (a), Annex III Section 1 lists the requirements for the information sources to be included:
In paragraph (b), the MDR establishes the requirements for the methods that manufacturers have to use to evaluate these sources of information, e.g.:
The requirements of the IVDR with regard to the post-market surveillance plan are essentially identical to those in the MDR.
The “Technical Report” ISO TR 20416 is entitled “Medical devices — Post-market surveillance for manufacturers”. This international standard also looks at the post-market surveillance plan.
In section 4, ISO 20416 states the aims of post-market surveillance and in section 5 it details the requirements for the post-market surveillance plan. Section 6 describes the review of this plan. This examples in Annex C are worth paying attention to.
ISO 20416 also describes the inter-relationship with ISO 13485 and ISO 14971 (see Fig. 2).
This figure shows that the PMS process must be linked to other quality management processes, particularly with risk management.
ISO 20416 contains specific requirements for manufacturers:
ISO TR 20416 proposes a specific section structure for the PMS plan (see Figure 3).
The standard does not provide any specific information for this section.
This should include the:
To work out the truly device-specific objectives in addition to the general aims (detection of new risks, compliance with the regulatory requirements), ISO TR 20416 proposes a list of questions and gives some concrete examples:
A competent person must be assigned to each activity in the PMS process.
The standard requires device-specific information sources to be listed and data collection methods to be established. The collection of the data must be documented accordingly.
Here the standard distinguishes between
The plan should give an idea of the report to be created. This includes specifications for the time period and a template to be used.
The plan must be reviewed regularly and, if necessary, modified. Responsibilities, times and criteria should also be defined for this.
The PMS plan section structure proposed by ISO TR 20416 is comprehensible and useful.
The standard makes it clear that it is no longer sufficient to say that the support data and the reports to the authorities will be checked once a year for information. It describes numerous other sources of information and their benefits.
What the standard unfortunately does not explain is how individual findings can be evaluated in a reasonable and objective way. And that leads us to the next section.
The Johner Institute doesn’t just carry out post-market surveillance for dozens of medical device manufacturers, it also prepares manufacturers for audits by notified bodies by auditing manufacturers and reviewing their post-market surveillance plans and results. We see the following mistakes again and again:
If the PMS plan does not precisely define the search strategy, the manufacturer cannot be sure that two assessors will obtain the same search results.
The plan should, therefore, also specify exactly which search terms, search criteria and search filters the assessors used in which databases and other sources of information.
A template helps to make sure that the PMS plans for all devices contain these precise specifications.
Even when the two assessors have the same search results, it is not certain that both will come to the same result in their evaluation. But such consistency is also required.
This means a concrete data evaluation strategy or a precise list of questions and criteria is required. This is the only way to obtain an objective analysis.
In addition, manufacturers must ensure that the analysis is transparent and traceable. To do this, they need to:
The PMS plan should also include these analysis criteria.
Establishing these analysis criteria in a higher-level SOP (usually only) makes sense if the manufacturer is surveilling very comparable devices and analyzing the information from such surveillance.
To obtain really relevant results, the plan must be device specific. For example, it doesn’t make sense to search the FDA databases if the device is not actually regulated as a medical device in the USA.
In contrast, anyone who uses OTS software, such as operating systems and databases, will not be able to avoid the NIST databases even if they don’t sell the device in the USA.
The PMS plans must be specific to, for example, the:
Manufacturers shouldn’t see post-market surveillance plans as isolated documents. Instead these PMS plans must be coordinated with, for example, the:
The clinical evaluation recommends PMS actions and PMCF actions. Are these in the PMS plan?
The risk management plan defines the monitoring in the downstream phase. Does the PMS plan include these activities?
Granted, the requirements of the MDR are difficult to understand and comply with:
“...methods and protocols to be used to establish any statistically significant increase in the frequency or severity of incidents...”
Annex III, Section 1(b), MDR
Statistical significance is often a problem, especially with low numbers of cases. In these situations, you can often only make a case-by-case assessment. ISO TR 20416 explicitly supports such an approach.
The PMS is linked to a lot of processes and requires input from several actors. Therefore, a lot of roles have to be involved in PMS and described accordingly in the PMS plan. These include:
These roles and people should know that they are included in the post-market surveillance plan. And, therefore, they should have sufficient capacity and competence.
A lot of manufacturers assume that an annual review of the information sources is sufficient. But for a lot of devices, this might not be the case.
For these devices, in particular, manufacturers have to surveil the market more closely.
The PMS experts at the Johner Institute can help you:
As a result, they can help you achieve regulatory certainty, and not just avoid problems during audits but also avoid the expense of unnecessary PMS activities. This will also help you ensure the safety of your devices.
Just send us a message here. The Johner Institute’s experts look forward to meeting you!
Post-market surveillance can and must make a significant contribution to ensuring, and even improving, the safety and performance of medical devices.
The requirements for effective PMS are a device-specific PMS plan and the provision of the necessary resources to search and evaluate all the relevant information sources.
ISO 20416 helps with a proposal for the structure of the plan. On the other hand, the standard does not help manufacturers with the challenges of evaluating reports. In Annex B, it gives some tips for how manufacturers can identify the trends required by the MDR and set thresholds.
The quantity of data that manufacturers have to collect, process and evaluate for post-market surveillance is continuously increasing. The frequency of this monitoring is becoming shorter, from annually to continuously. This is the case for software-based products in particular. The post-market surveillance plans must define this frequency accordingly.
Manufacturers will only be able to cope with this quantitatively and qualitatively increasing load through automation.
That’s why the Johner Institute has already started to automate these processes. It offers this service to manufacturers to save them considerable time and costs for repetitive work.