Medical Device Compliance Glossary

Our glossary is designed for anyone navigating medical device regulations. Here, you’ll find clear definitions and explanations of key terms, acronyms, and industry-specific phrases essential for compliance. Whether you’re dealing with FDA approvals, CE marking, or ISO standards, this resource offers the crucial information you need for product development and regulatory approval.
UDI-PI (Production Identifier)

This code varies with each production and can include details like the manufacturing date and serial number, useful for tracking the device’s production specifics.

Automatic Identification and Data Capture (AIDC)

A broad category of technologies used to collect information from an individual, object, image or sound without manual data entry (ex. a barcode)

Basic UDI-DI

A key identifier used primarily for administrative and regulatory documentation, connecting all related records for devices with the same intended use, risk class, and design. It serves as the access key for device-related information in the EUDAMED database, streamlining regulatory submissions and maintaining consistent records across health systems.

CE Mark

This signifies that products sold in the EEA have been assessed to meet high safety, health, and environmental protection requirements.

Conformity Assessment

An audit of your company’s processes and your medical device’s technical data to make sure that they meet the EU’s standards and regulations required to be on the market.

Corrective and Preventative Actions (CAPA)

A quality management process that rectifies identified issues and/or implements measures to prevent future problems.

It involves taking steps to fix existing non-conformities and proactively addressing potential risks before they materialize. This process ensures products meet strict safety and quality standards.

EU In Vitro Diagnostic Regulations (EU IVDR)

A set of regulations that govern the safety and performance of in vitro diagnostic devices within the EU. This applies to devices concerning the examination of specimens such as blood and tissue to understand predisposition, treatment, response or other information in relation to a medical condition or disease.

EU Medical Device Regulations (EU MDR)

A set of legal requirements to ensure the safety and performance of medical devices that come into direct contact with humans, sold within the EU. This applies to products from bandages to implantable devices.

EU Periodic Safety Update Report (PSUR)

A report that summarizes the results and conclusions of the analysis of the post-market surveillance data gathered as a result of the Post-Market Surveillance Plan. The comprehensive report that presents an evaluation of the risk-benefit balance of a product, considering all available information since the product was marketed or since the last report. 

It includes data on the product's safety, including side effects, incidents, any corrective actions taken, and any new indications or modifications in usage based on real-world evidence. The PSUR helps regulatory authorities continuously monitor products' safety and effectiveness. A PSUR is only required for Class IIA, IIB and III devices.

EU Post-Market Clinical Follow-up (PMCF)

This process involves the continuous monitoring and collection of clinical data on a medical device after it has been approved for use. This data helps to confirm the safety and effectiveness of the device throughout its expected lifetime. 

PMCF activities can include clinical trials, registry studies, and the review of relevant scientific literature.

EU Post-Market Surveillance Report (PMSR)

A requirement for all Class I medical devices under the EU MDR framework. It provides a summary of post-market surveillance data, detailing the safety and performance of devices collected through post-market surveillance activities in your post-market surveillance plan.

EUDAMED Database

This database provides a picture of the lifecycle of medical devices, integrating different electronic systems to collate and process information about medical devices and related companies (e.g. manufacturers). EUDAMED aims to enhance overall transparency, including access to information for the public and healthcare professionals, and to enhance coordination between the different Member States in the EU.

European New Approach Notified and Designated Organisations (NANDO) Database

A database that provides a list of all notified bodies for each product legislation.

General Safety and Performance Requirements (GSPR)

Safety and performance requirements, standards, common specifications, and scientific advice for conformity assessments.

Human Readable Interpretation (HRI)

The printed characters that accompany a barcode or other data carrier.

IEC 62304

A standard that provides a framework for the lifecycle processes of medical device software, including the use of SOUP.

ISO 13485

Specifies requirements for a quality management system where an organization needs to demonstrate its ability to provide medical devices and related services that consistently meet customer and applicable regulatory requirements.

ISO 13485:2016

An international standard that outlines the requirements for a quality management system specific to the medical device industry. 

ISO 13485 focuses on ensuring product quality through risk management, company processes, regulatory compliance, and maintaining effective product processes for the safe design, manufacture, and distribution of medical devices. 

It is applicable to organizations regardless of their size or type, except where explicitly stated, and provides a framework for implementing regulatory and quality management system requirements globally.

MDR Code

Codes that apply to your device based on how the device works, designated by the European Commission. MDR codes are what Notified Bodies use to determine if they can review your device. Each Notified Body can review only certain types of devices and the MDR codes are used to distinguish between those types of devices.

Notified Body

Independent certification organizations designated by EU Member States to assess if a medical device or system meets the requirements for CE marking.

Post Market Surveillance (PMS)

The process of monitoring the safety and effectiveness of a medical device after it has been released on the market to ensure that any potential issues are identified and addressed in a timely manner.

PMS activities can include the collection and analysis of data related to device performance, adverse events, patient feedback, and clinical outcomes.

Software of Unknown Provenance (SOUP)

A term used across industries to describe software whose safety, performance, and potential risks are not fully known because it was not developed by the device manufacturer themselves. This includes off-the-shelf (OTS) software that has not been developed with a known software development process or methodology and could include anything from an operating system, a database management system, or even a software library.

Summary of Safety and Clinical Performance (SSCP)

A requirement for Class III and implantable medical devices. It provides a concise overview of a device's safety and clinical performance, including relevant clinical evaluation data. 

The SSCP is intended to be accessible to the public, especially healthcare professionals, to aid in informed decision-making about using these higher-risk devices. It includes but not limited to information about the device's intended purpose, indications, contraindications, summary of clinical evaluation, and any residual risks associated with its use.

UDI Carrier

This is the means of conveying the UDI by using AIDC and, if applicable, the HRI. The UDI carrier (AIDC and HRI representation of the UDI) shall be placed on the label or on the device itself and on all higher levels of device packaging.

UDI-DI (Device Identifier)

A code that is specific to a device model, offering detailed information as outlined in specific regulatory annexes, and it remains consistent across different units of the same model.

US FDA 522 Order

An order that mandates that manufacturers conduct further studies to assess the device's safety and effectiveness in a real-world setting. It is typically applied to higher-risk devices, such as those that are implanted or life-sustaining, to ensure ongoing public health protection and address specific concerns that arise after the device is in use. These orders can be issued anytime, rather than just during the approval process.

US FDA Humanitarian Device Exemption (HDE)

This exemption allows for the marketing of medical devices intended to treat or diagnose diseases affecting fewer than 8,000 individuals annually in the U.S. These devices may not have to demonstrate effectiveness but must prove safety and probable benefit.

US FDA Post-Approval Studies (PAS)

Studies that the FDA may require after PMA approval to gather additional information about a product's safety, effectiveness, or optimal use, often to address specific questions about the post-market performance of advanced medical devices.

US FDA Pre-Market Approval (PMA)

The FDA's process of scientific and regulatory review to evaluate the safety and effectiveness of Class III medical devices, which are those that support or sustain human life or present a potentially high risk of illness or injury.

US FDA Quality Management System Regulation (QMSR)

This combines the FDA's Quality System Regulation (QSR) regulations and ISO 13485. It refers to the set of standards and regulations that govern the quality management systems of medical device manufacturers. 

These regulations outline the processes, procedures, and documentation required to ensure that medical devices are consistently designed, produced, and controlled to meet specified quality standards. 

The aim is to ensure the safety and effectiveness of medical devices throughout their lifecycle, from design and manufacturing to distribution and post-market surveillance. In the U.S., the FDA enforces these requirements under 21 CFR Part 820, while internationally, ISO 13485 is widely recognized as the standard for medical device quality management systems.

US FDA Quality System Regulation (QSR)

Outlined in 21 CFR Part 820 and establishes the requirements for the quality management systems of manufacturers and suppliers of medical devices intended for the U.S. market. 

The regulation encompasses the methods and documentation for the design, testing, production, control, quality assurance, labeling, packaging, storage, and shipping of medical devices. It requires manufacturers to implement a comprehensive quality system that covers all stages of a device's lifecycle, from initial conception to delivery and post-market surveillance. 

The QSR is critical for compliance with FDA regulations and is foundational for maintaining high standards of quality and safety in medical device manufacturing. In 2024, it was combined with ISO 13485 and is now called the QMSR.

Universal Device Identifier (UDI)

A series of numeric or alphanumeric characters that is created through internationally accepted device identification and coding standards and that allows unambiguous identification of specific devices on the market.