ClaripulseClaripulse
Get Early Access
·6 min read·Claripulse

Post-Market Surveillance in the United States: The System We Have vs. the System We Need

post-market surveillanceFDAMAUDEmedical devices

Approval Is Not Validation

There is a persistent misconception—especially outside regulatory and clinical circles—that clearance or approval from the U.S. Food and Drug Administration represents a definitive validation of safety and effectiveness. It does not.

Premarket evaluation is inherently constrained. Clinical trials are conducted in controlled environments, with carefully selected populations, predefined endpoints, and relatively short follow-up periods. Even the most rigorous premarket approval (PMA) studies cannot fully capture how a device will behave once exposed to the variability of real-world clinical practice.

Post-market surveillance (PMS) exists because of this gap. It is not a secondary process layered on top of approval—it is the mechanism by which safety and performance are actually understood over time.

In practice, however, PMS in the United States operates as a fragmented collection of regulatory obligations rather than a coherent system of learning.

The Regulatory Framework: Structured but Disconnected

From a statutory perspective, the U.S. has a well-defined set of post-market requirements. These include Medical Device Reporting (MDR), post-market surveillance studies under Section 522, complaint handling under Quality System Regulation (QSR), and corrections and removals reporting. On paper, these elements form a lifecycle safety net.

In reality, they function more like parallel tracks with limited integration.

Medical Device Reporting, governed by 21 CFR Part 803, is the most visible component. Manufacturers are required to report deaths, serious injuries, and certain malfunctions within defined timelines. This system is essential for identifying acute safety signals, but it is fundamentally reactive. It depends on events being recognized, documented, and escalated correctly—often across multiple intermediaries.

Section 522 studies introduce a more proactive element. The FDA can mandate post-market studies for devices where uncertainty remains after approval. These studies can be valuable, particularly for high-risk or novel technologies, but they are used selectively and often take years to generate actionable insights.

Complaint handling, defined under 21 CFR 820.198, is where most real-world signal generation actually begins. Every complaint must be logged, evaluated, and investigated. This is the operational core of PMS. Yet in many organizations, complaint systems are optimized for compliance documentation rather than signal detection.

Corrections and removals (21 CFR Part 806) close the loop when issues are identified, but by the time a recall is initiated, the system has already failed to detect or mitigate risk earlier.

Each component serves a purpose. The problem is that they are not designed as an integrated intelligence system.

The Reality of Signal Detection

The central promise of post-market surveillance is early signal detection—the ability to identify emerging risks before they translate into widespread harm.

In practice, this is where the system struggles most.

Signal detection today is largely driven by:

  • Individual adverse event reports
  • Aggregated complaint trends
  • Periodic internal reviews

These mechanisms are inherently limited. Adverse event reporting is incomplete and inconsistent. Complaint data is noisy, unstructured, and often delayed. Internal reviews are episodic rather than continuous.

More importantly, the system lacks context. A malfunction report in isolation is difficult to interpret without understanding:

  • Device utilization rates
  • Patient characteristics
  • Procedural context
  • Comparative baseline risk

Without this context, organizations oscillate between overreaction and underreaction. Either every signal appears urgent, or none do.

This is not a regulatory failure—it is a data architecture failure.

Real-World Data: An Underutilized Asset

Over the past decade, the volume of available healthcare data has increased dramatically. Electronic health records, claims databases, and clinical registries now contain longitudinal patient-level information at scale.

In theory, this should transform post-market surveillance.

In practice, integration remains limited.

Most PMS systems still rely heavily on internally generated data—complaints, service logs, and MDR submissions. External data sources are often treated as separate research initiatives rather than core components of surveillance.

This creates a structural blind spot. Devices are being used across diverse populations and settings, but manufacturers often lack systematic visibility into outcomes beyond what is voluntarily reported back to them.

The FDA has made efforts to address this through initiatives like real-world evidence (RWE) frameworks and programs such as the National Evaluation System for health Technology (NEST). These are important steps, but adoption at the operational level remains uneven.

The result is a paradox: the data needed for effective surveillance exists, but the systems to use it meaningfully do not.

Organizational Failure Modes

When post-market surveillance breaks down, it is rarely because a single regulation was not followed. It is because of how organizations implement PMS internally.

Three failure modes are particularly common.

First, data fragmentation. Complaint handling systems, regulatory reporting platforms, and clinical data repositories are typically separate, with limited interoperability. This prevents a unified view of device performance.

Second, latency. Many PMS processes are still manual or semi-manual, introducing delays between event occurrence, recognition, and action. By the time a pattern is identified, it may already be well established.

Third, lack of feedback into decision-making. Even when signals are detected, they do not consistently translate into changes in product design, labeling, or clinical guidance. PMS becomes a documentation exercise rather than a driver of improvement.

These are not edge cases—they are the default state in much of the industry.

What a Modern PMS System Should Look Like

If post-market surveillance were designed today from first principles, it would look very different.

It would start with integration. All relevant data streams—complaints, adverse events, clinical outcomes, and utilization data—would feed into a unified system. This is not just a technical requirement; it is a conceptual shift from reporting to monitoring.

It would emphasize continuous analysis rather than periodic review. Signal detection would be ongoing, with statistical and computational methods applied in near real time.

It would incorporate context. Device performance would be evaluated relative to patient populations, indications, and expected baseline risks, rather than in isolation.

And critically, it would close the loop. Insights generated from surveillance would directly inform product development, regulatory strategy, and clinical communication.

This is not a hypothetical future. The components already exist. What is missing is alignment between regulatory expectations, organizational incentives, and technical infrastructure.

Where the FDA Is Heading

The FDA’s trajectory is clear, even if implementation is uneven.

There is increasing emphasis on lifecycle oversight, real-world evidence, and proactive safety monitoring. Programs around digital health, AI/ML-based devices, and continuous learning systems all implicitly depend on stronger post-market infrastructure.

At the same time, the agency has not fundamentally restructured the core PMS framework. MDR, complaint handling, and post-market studies remain the primary tools.

This creates a transitional moment. The expectations are evolving faster than the systems designed to meet them.

For manufacturers, this is both a risk and an opportunity. Those who continue to treat PMS as a compliance function will struggle to keep pace. Those who invest in it as a data and intelligence capability will have a meaningful advantage.

Conclusion: From Compliance to Intelligence

Post-market surveillance in the United States is not broken—but it is incomplete.

The regulatory foundation is strong, and the intent is clear: detect problems early, protect patients, and improve device performance over time. The challenge lies in execution.

Today, PMS is still largely reactive, fragmented, and underpowered relative to the complexity of modern medical devices and healthcare systems.

The next phase of evolution will not come from new regulations alone. It will come from rethinking PMS as a continuous, data-driven process—one that treats every device in the field as part of an ongoing study.

Approval is the beginning. Surveillance is where the real work happens.