Post-market surveillance under EU MDR: what MDCG 2025-10 changes

MDCG 2025-10, published December 2025, provides the most detailed interpretation yet of post-market surveillance (PMS) obligations under MDR Articles 83-86. It clarifies how PMS must be integrated into the quality management system, how to structure PMS plans and reports, and what Notified Bodies and competent authorities expect during audits.

What changed with MDCG 2025-10

Previous MDCG documents on PMS (notably MDCG 2020-7 and MDCG 2020-8) covered PMS plans and Periodic Safety Update Reports (PSURs). MDCG 2025-10 goes further by addressing practical integration questions that manufacturers have struggled with since MDR entered application:

• How to link PMS activities to clinical evaluation updates
• What constitutes a "proactive" PMS system versus a reactive complaints process
• How PMS data should feed into risk management decisions
• When PMS findings trigger a PSUR update versus an immediate corrective action
• What Notified Bodies expect to see during PMS-related audits

The guidance does not introduce new legal requirements beyond what MDR already mandates. It provides interpretive detail that effectively raises the bar for what "adequate" PMS looks like in practice.

PMS system structure under MDR

MDR requires manufacturers to establish and maintain a post-market surveillance system that is proportionate to the risk class and type of device. The PMS system comprises several interlinked components:

PMS plan: what MDCG 2025-10 expects

Your PMS plan must specify the data you will collect, how you will collect it, and how you will use it. MDCG 2025-10 emphasizes that the plan must go beyond complaint handling:

Proactive data collection: Manufacturers must actively seek information, not wait for complaints. This includes:

• Systematic literature reviews (at least annually)
• Registry data analysis where available
• User surveys or structured feedback programs
• Analysis of similar devices and competitor field safety actions
• Social media and online forum monitoring (for widely used devices)

Reactive data collection: Standard channels including:

• Complaint handling and trending
• Vigilance reports (your own and similar devices via EUDAMED)
• Post-market clinical follow-up (PMCF) study results
• Customer feedback and technical support data

Analysis methods: MDCG 2025-10 expects documented statistical methods or trend analysis approaches, not just qualitative summaries. The plan should define thresholds that trigger escalation (e.g., complaint rate exceeding baseline, new failure mode observed).

MDCG 2025-10 makes clear that a PMS plan consisting only of complaint handling and adverse event reporting is insufficient. Notified Bodies will assess whether the plan includes proactive data collection appropriate to the device's risk profile.

PSUR requirements by device class

Each PSUR must contain (MDR Article 86):

1. Summary of PMS data collected during the reporting period
2. Conclusions from benefit-risk analysis based on that data
3. Volume of sales and estimated patient/user population
4. Main findings from PMCF activities
5. Update on corrective and preventive actions (CAPA)
6. Conclusion on whether the benefit-risk ratio remains acceptable

MDCG 2025-10 adds that PSURs should explicitly reference the clinical evaluation report (CER) and demonstrate how PMS findings were fed back into the risk management file and, where relevant, the CER.

Integrating PMS into your QMS

MDCG 2025-10 stresses that PMS is not a standalone activity. It must be embedded in the quality management system with clear links to:

Risk management (ISO 14971): PMS data must be systematically reviewed against the risk management file. New hazards identified through PMS must trigger risk assessment updates. Residual risk acceptability must be re-evaluated when new data emerges.

Clinical evaluation: PMS data forms part of the ongoing clinical evaluation required under MDR Article 61(11). The PMCF plan defines prospective studies; PMS provides the broader data context.

CAPA process: PMS trend analysis should feed into the CAPA system. MDCG 2025-10 expects documented criteria for when a PMS finding triggers a CAPA, including timelines for evaluation and resolution.

Management review: PMS results, PSUR conclusions, and any trend signals should be agenda items in the QMS management review process.

What Notified Bodies will assess

During surveillance audits, Notified Bodies will evaluate:

1. Whether the PMS plan covers proactive and reactive data sources appropriate to the device's risk class
2. Whether PMS data is actually being collected according to the plan
3. Whether collected data is analyzed with documented methods and thresholds
4. Whether PMS findings are linked to risk management, clinical evaluation, and CAPA processes
5. Whether PSURs are submitted on time and contain all required content
6. Whether the manufacturer can demonstrate that the benefit-risk ratio remains acceptable based on current data

Looking for the right regulatory intelligence tool? Read our guide to evaluating regulatory intelligence platforms.

Key takeaways

• MDCG 2025-10 raises the practical bar for PMS system adequacy without introducing new legal requirements
• PMS plans must include proactive data collection (literature, registries, user feedback), not just complaints
• PSURs must explicitly link PMS findings to clinical evaluation and risk management updates
• PMS must be integrated into the QMS with documented connections to risk management, CAPA, and management review
• Notified Bodies will assess whether PMS activities are actually being performed according to the documented plan
• Class IIb and III manufacturers must submit PSURs annually through EUDAMED

How RegAid helps

RegAid covers all MDR PMS articles (83-92), MDCG 2025-10, and the earlier PMS guidance (MDCG 2020-7, 2020-8). Ask "What proactive data sources should my PMS plan include for a Class IIb device?" and get a cited answer linking MDR Article 84 requirements to the MDCG 2025-10 interpretive guidance.