Companies marketing devices in the European Union are facing a perfect storm of EU MDR & IVDR regulation challenges. According to a 2022 Medical Device Coordination Group (MDCG) position paper, more than 90 percent of European medical device certificates are set to expire between 2023 and 2024. Meanwhile, just 30 NBs are handling 80 percent of certificates set to lapse.

Since 2020, the European Commission (EC) has released over 50 updates and guidance documents on MDR/IVDR. This has frustrated manufacturers and their regulatory staff struggling to complete applications and achieve compliance as new documents are being released.

So where does MDR/IVDR currently stand, and why aren’t manufacturers ready? In this article, we examine these questions and why quality management system (QMS) automation is key to filling the gap.

EU MDR & IVDR Regulation: Why Aren’t Manufacturers Ready?

MDR entered into application in 2021 after a one-year pandemic-related delay, with IVDR following in May 2022. While some devices with certifications under the previous MDD/IVDD can still currently be on the market, all devices in the EU must comply with MDR/IVDR by May 26, 2024.

One big change is that previously unregulated devices like contact lenses and cosmetic implants will now require an MDR certificate. This has led to a huge spike in the number of applications that NBs need to manage. At the same time, these NBs have all had to undergo retraining to the new regulation, reducing the number of accredited NBs. This relative shortage of NBs has created a huge gap between certification capacity and the number of expiring certificates.

A 2021 survey by The European Association of Medical Devices Notified Bodies (Team NB) estimates that NBs can only expand capacity to roughly 6,300 certificates annually.

The only problem: Over 13,000 medical device certificates will expire in 2024, with the majority of applications yet to be submitted. The result is a mix of conditions likely to lead to certification delays, taking some products off the market.

Technical Documentation Remains a Key Challenge

The Team NB survey also showed significant issues with manufacturer preparedness for EU MDR & IVDR regulation, specifically around technical documentation requirements. The survey notes that 75% of NBs said at least half of applications have are incomplete based on technical documentation.

In response to the gap between certificates set to expire and NB capacity, the MDCG specifically points to manufacturer preparedness in this area. In its 2022 position paper, MDCG states, “…nearly 37% of manufacturers’ applications have been refused on the basis of incomplete applications, underlining an overall lack of manufacturers’ preparedness.”

Post-market surveillance (PMS) plans are a big pain point here. New PMS requirements need comprehensive planning to identify and manage device risks, drawing on data such as incidents, corrective actions, complaints and more. PMS plans are potentially complex, addressing elements such as:

  • Data collection processes
  • Indicators and threshold metrics for benefit-risk analysis
  • Documentation of quality processes such as complaint investigations, corrective actions, and incident management

The increase in documentation requirements highlights the need for an integrated QMS that integrates functions. As a result, processes can electronically connect in a system that demonstrates proper risk application.

Safeguarding Data Quality and Data Integrity

Today, manufacturers that are trying to manage data in spreadsheets and server drives are likely to run into MDR certification problems. This approach puts data integrity and quality at risk, calling into question whether a spreadsheet is appropriate for storing critical data.

The main issue is spreadsheets. For example, all it takes is an incorrect formula or entry and 100 complaints can become 10. Furthermore, if there’s an issue with a submission, a spreadsheet provides no transparency into what went wrong. EU MDR & IVDR regulation expects each step of a process to address accuracy and accountability.

Alternatively, digital records contained in the QMS provide a controlled electronic history. In addition, drop-down selection fields can limit typographical errors. If there’s a problem, you can review the audit history to see where any disconnects occurred.

Mapping Quality Data to EU MDR Certification Requirements

Another problem is that quality data can have multiple versions of the truth. For example, different departments may be using data on complaints from multiple sources. They will require a standard approach for submitting documentation, including manufacturer incident reports (MIR), clinical documentation and post-market surveillance plans.

To start, ask yourself these questions:

  • Where does my data come from, and in what system(s) does it reside?
  • What form is it accepted in?
  • Where will it be kept for future reference?
  • How can it be compromised?
  • Who is responsible for maintaining it?

In the modern quality environment, successful companies are taking the time to answer these questions. Furthermore, they are implementing secure, compliant systems that extracts QMS data necessary to populate and support submission requirements. As a result, their processes ensure data quality and integrity and validation of entries prior to submission. This provides a single source of truth when questions arise, whether from senior management, regulators, or NBs.


In conclusion, the reality is that the learning curve is steep for manufacturers making the transition to EU MDR. Furthermore, time is of the essence when it comes to keeping your products on the European market. EUDAMED compliance dates starting in 2023 add another layer to the data burden, requiring significant preparation ahead of time. Once mandatory, even devices with valid certificates still need to upload data to the database under MDR.

For many device and diagnostics manufacturers, EU MDR & IVDR regulation challenges have meant hiring a dedicated resource to manage compliance. Alternatively, others are reevaluating their go-to-market strategy, opting to undergo FDA approval first before going through the EU process.

In summary, any company using siloed quality processes will be unable to conduct smooth submissions. Those that rely on manual processes are more likely to feel the impact of certification certification delays. Alternatively, an automated QMS facilitates data standardization, data integrity, and facilitates timely submissions required by EU MDR & IVDR regulation.


About the Author

Stephanie Ojeda is Director of Product Management for the Life Sciences industry at AssurX. Stephanie brings more than 15 years of leading quality assurance functions in a variety of industries, including pharmaceutical, biotech, medical device, food & beverage, and manufacturing.

Related Reading:

AssurX Solution: EU MDR & IVDR MIR Submissions

EUDAMED Update: What You Need to Know Now

How to Establish Sustainable Validation for FDA & EU Compliance