PMCF for IVDR and MDR – A Case Study and How-To

By Published On: August 21st, 2023Categories: EU MDR, IVDR, PMS PMCF, Post Market Surveillance

By now, most of us have struggled through at least one successful submission for MDR/IVDR, and we know they take time. Very doable, but no ones exactly surprised at home simple everything was to get certified.

After you breathed a sign of relief at your approval/acceptance of documentation, you probably shifted your attention back to the 105,353 other things that need your review and sign-off. After all, most of us don’t have the luxury just being responsible for Europe compliance on a single or handful of products.

As you shift back to FDA, or global submissions with vigor (and maybe relief), there probably is a small little itch in the back of your mind. The kind of itch that the best QA/RA people in the world seem to have naturally when they know the clocks against them and future risk is ticking up day by day.

This, my friends is your instinct telling you that your talented (but understaffed and overloaded) team doesn’t have the time or budget to keep up with PMS/PMCF activities year after year.

And you’d be right. Unless you’re a startup with a single product, or fortunate to have a big corporate team focused just on PMS activities (not that these teams have loads of free time either by the way), then likely PMS/PMCF is an after-thought, and not seen by your managers as nearly as critical as the initial approval.

But to us, we know it’s the equivalent of driving an oil tanker downhill without sufficient brakes for the bottom.

Yes, we are moving well. The product is selling, we are approved. But there will come a day when we reach the bottom of the hill and realize we didn’t bring with us the stopping power we needed (our annual updates, PMCF reports, vigilance etc.).

And then we plow right into that school bus full of children and go up in a fiery blaze that simultaneously poisons the water supply of neighboring communities…

Ok, too graphic and morbid of an analogy for the morning. I got carried away (I’m sure the Brits reading are still chuckling though).

But seriously, how are you going to possibly maintain all these documents? We’re talking CER/PER updates, PSURs, PMCF Reports (not including possible investigation to perform), and all the safety and sales data that’s flowing in month after month?

We can be talking about hundreds of documents here, all with versions to maintain, review schedules and workflows to follow, and timelines to be remembered. Oh, and then you still have to write the thing!

So how do you maximize your team, and implement a rock solid process that not only covers you completely for what your PMS Plans committed to, but also is time efficient and not a complete pain to maintain?

The IVDR PMCF Strategy Revealed

Today I want to give you insight into a company with a significant (100+) amount of devices in their portfolio. All requiring some forms of updates, PMS/PMCF activities.

A few key points for these big and simple types of portfolios:

  • Literature Search and Review is the best way to demonstrate consistent updates
  • Your lit results can pass through PMS Reports, PMCF Reports, and the PSUR simultaneously.
  • The documents will follow the same format, over and over again.
  • Most results are minimal/insignificant, but need to be reported and documented properly.

At this point, you should be thinking “systems and automation are my friend” when you look at this company’s situation. We have a ton of repeatable work, and document wrangling to do vs. custom writing and philosophical long-form writing.

For these guys, most of their products are IVDs of class B and C. They have been on the market, and won’t require any investigations to update PMCF. So the strategy really is just to stay ontop of literature, any adverse events that come up, and the sales/use/customer feedback data that comes in from the Sales department.

We look at the architecture like this.


  • Literature Review
  • Adverse Event Searching
  • Sales Data
  • Customer Surveys and Feedback


  • PMCF Reports
  • PSURs
  • PMSRs (if applicable)

Here’s a diagram of how we approached it for these guys.

View the whole workflow (and zoom in)

You’ll notice on the graph, that our platform is doing a lot of the heavy lifting. And that’s the beauty of it. If searching, organization, reviewing, and generation of versioned outputs is handled for us… then the compilation of docs actually get’s pretty straightfoward.

For Approval flows, we keep it simple (at the client’s request) by putting the versions into a sharepoint drive, and moving them accordingly after signature (Via docusign).

This workflow is as follows:

View the whole workflow (and zoom in)

In this case, it was our Project Manager and Medical Writer doing the heavy lifting, the client only had to review/sign-off on the Protocols and final Reports. But it’s also possible to replace those people with your own folks (if you have them)

Hybrid Management System:

In a perfect world, the client wanted a system that they could ultimately maintain themselves (without relying on us to do the reviewing/writing) should the day come when budgets are slashed or new hires are added to their team.

That’s the beauty of this system, whether it’s our writing team or theirs using the platform, everything stays in the same place and continuity is maintained throughout the years.

No messy sorting out share drives of an employee that left in a hurry, or trying to find that ‘most recent draft’ of a document that was passed back and forth in an email chain 12 times last year.


What do we get when we put this system in place with the combined CiteMed + Client teams?

  • All documents and subsequent versions organized
  • Budgets for maintenance cut by over 75% when compared to hiring more staff, or consultants.
  • A system that is ‘handover proof’, no lost documents or messy transfers if an employee leaves the company.
  • Time saved, in the amounts of hundreds of hours (weeks!) per year for the Client’s Regulatory and Quality team.

But what about doing it with existing tools? If you really are stuck with what you’ve got, then a lot of what we’ve detailed here can be workable with some very (obsessive) detailed management of a Shared Excel Sheet and File Drive.

What I’d do, is create a master sheet that details who is responsible for each piece (and when) and then also have links in that spreadsheet to the relevant share drives where the files are stored.

This master sheet becomes your source of truth for location, status, and assignment of documents. I’ve seen it work (even for bigger organizations), but it sure is a lot of legwork to for someone (probably you) to maintain it meticulously and follow-up with people to ensure they are updating things and putting docs in the right place.

Want more EU MDR and Regulatory Insights?

We send weekly emails with the latest regulatory developments, templates, and strategies straight to QA/RA Professionals like you. Sign up below to get access today.