MDR Annex III is the separate, dedicated technical documentation on post-market surveillance required alongside Annex II. It contains the post-market surveillance plan — covering data collection, analysis, and the feedback loop into risk management and clinical evaluation — plus the PMS report (for Class I devices) or the Periodic Safety Update Report (for Class IIa, IIb, and III devices), and the post-market clinical follow-up plan and evaluation report. Article 10(4) of Regulation (EU) 2017/745 obliges manufacturers to maintain both annexes. Annex III is not an appendix to Annex II and not the PMS system itself — it is the documentary evidence that the PMS system exists, is proportionate, and is working.

By Tibor Zechmeister and Felix Lenhard. Last updated 10 April 2026.


TL;DR

  • Annex III of Regulation (EU) 2017/745 specifies the technical documentation on post-market surveillance. It is separate from Annex II but required by the same Article 10(4) obligation.
  • Annex III contains two things: the post-market surveillance plan, and the reports the plan produces — the PMS report under Article 85 for Class I devices, or the Periodic Safety Update Report (PSUR) under Article 86 for Class IIa, IIb, and III devices. The post-market clinical follow-up plan and evaluation report under Annex XIV Part B live inside this structure.
  • The PMS plan must describe proactive and reactive data sources, indicators and thresholds, responsibilities, and the connections into risk management (EN ISO 14971:2019+A11:2021), clinical evaluation, vigilance, and CAPA.
  • MDCG 2025-10 (December 2025) is the current operational guidance on how the Annex III documentation should be built proportionate to the class and type of device.
  • The most common startup failure is treating Annex III as a section of Annex II or as a placeholder. It is neither. Auditors open it as a distinct file and check that it links back to Annex II without being absorbed into it.

The sleep strap and the case for Annex III

The clearest argument for why Annex III exists sits in a story one of our small MedTech clients still remembers without needing notes. A sleep-monitoring device with a textile-and-polymer arm strap. Biocompatibility testing ran before market. Everything in the lab passed. The notified body accepted the file. The product launched. Weeks later, skin irritations started showing up in the complaint log. Extended overnight wear, perspiration, a textile interface that had never been evaluated against months of continuous real-world contact. Lab testing had done what lab testing does. Real users had done what real users do.

The reason the problem was caught, trended, and corrected before it escalated is that the PMS system was running — and the reason the PMS system was running was that the Annex III documentation had been written as a living document, not a placeholder. The complaint coding scheme had been defined. The threshold for flagging a cluster had been defined. The owner of the weekly review had been named. The link to the risk file was live. When the first three complaints landed, the system did not rely on anyone's memory. It produced a signal, triggered a risk reassessment, and routed into a design change that updated the material specification. The full mechanics of this story are covered in the post on what post-market surveillance under MDR actually is. The point for this post is that the plan on the shelf was the reason the real-world work happened.

Annex III is the shelf. If the shelf is empty, the real-world work does not happen, no matter how much anyone intended it to.

What Annex III is for

The purpose of Annex III is narrow and specific. It defines what documentation a manufacturer must produce to show that the post-market surveillance obligation in Articles 83 to 86 of Regulation (EU) 2017/745 is being met. Article 10(4) is the anchor:

"The technical documentation shall include the elements set out in Annexes II and III." — Regulation (EU) 2017/745, Article 10, paragraph 4.

Two annexes, one obligation. Annex II is the conformity evidence for the device. Annex III is the conformity evidence for the surveillance system around the device after it is on the market. Auditors read them as two linked files. A startup that writes one without the other is submitting half a technical documentation.

The distinction matters because the failure modes are different. Annex II failures tend to be structural — missing GSPR cells, broken cross-references, label claims that exceed evidence. Annex III failures tend to be operational — a PMS plan that describes a process nobody is actually running, data sources that are listed but not being monitored, thresholds that have no owner. An auditor can tell the difference between a plan that is lived and a plan that was written to pass the audit. The lived plan has signatures, review dates, actual entries, and change history. The performative plan has none of those.

What Annex III actually contains

Annex III of Regulation (EU) 2017/745 requires two bundles of content. The first is the post-market surveillance plan. The second is the set of reports the plan produces over the life of the device.

The PMS plan

The PMS plan is the written description of how the manufacturer will systematically and actively collect, record, and analyse relevant data on the quality, performance, and safety of the device throughout its lifetime. Annex III lists the specific elements the plan has to cover:

  • a proactive and systematic process for collecting post-market information;
  • the methods and protocols for assessing the data collected;
  • suitable indicators and threshold values for the re-assessment of the benefit-risk analysis and of the risk management;
  • effective and appropriate methods and tools to investigate complaints and analyse market-related experience;
  • methods and protocols to manage the events subject to the trend report under Article 88, including communication with competent authorities, notified bodies, economic operators, and users;
  • methods and protocols to fulfil the vigilance obligations under Articles 87 and 88;
  • the systematic procedures to identify and initiate appropriate measures including corrective actions;
  • effective tools to trace and identify devices for which corrective actions might be necessary; and
  • a PMCF plan in accordance with Annex XIV Part B, or a justification why PMCF is not applicable.

That is the full shape. Every startup PMS plan has to cover every bullet, proportionate to the class and risk profile of the device. A Class I software device has a shorter plan than a Class III implantable — but every bullet is addressed in both. "Not applicable" without justification is not a valid state. The PMCF justification, when PMCF is not applicable, has to be reasoned against Annex XIV Part B. Silence is a finding.

We walk through the PMS plan in operational detail in the post on how to write an MDR PMS plan that actually runs.

The PMS report (Class I) or the PSUR (Class IIa, IIb, III)

The second bundle is the periodic output. For Class I devices, Article 85 of the Regulation requires a PMS report that summarises the results and conclusions of the analyses of the PMS data gathered under the PMS plan, together with a rationale and description of any preventive and corrective actions taken. The PMS report is updated when necessary and made available to the competent authority upon request.

For Class IIa, Class IIb, and Class III devices, Article 86 requires a Periodic Safety Update Report — the PSUR. The PSUR summarises the results and conclusions of the analyses of PMS data, the main findings of the PMCF, and the volume of sales of the device together with an estimate of the size and other characteristics of the population using the device. Class IIa PSURs are updated when necessary and at least every two years. Class IIb and Class III PSURs are updated at least annually. For Class III and implantable devices, the PSUR is part of the technical documentation assessed by the notified body and, once available, is uploaded to Eudamed.

The post on PSUR requirements under MDR for startups covers the reporting mechanics; here the point is that the PSUR or PMS report is the evidence that the plan produced something. A plan without reports is a plan that did not run.

The PMCF plan and evaluation report

Post-market clinical follow-up is the clinical component of post-market surveillance. The PMCF plan and the PMCF evaluation report are specified in Annex XIV Part B of Regulation (EU) 2017/745 and referenced directly from Annex III. PMCF is proactive clinical data collection from the device in normal use, used to confirm the clinical performance and safety, to identify previously unknown side effects, and to continuously update the benefit-risk determination and the clinical evaluation.

When PMCF is not considered applicable, Annex III requires the reasoned justification to sit inside the PMS plan. The justification is sampled on audit. We cover the mechanics in the post on PMCF under MDR — what it is and when it applies.

How Annex III integrates with Annex II

Annex III is separate from Annex II, but the two files do not exist in isolation. The integration points are specific and checkable.

The intended purpose written in Annex II Section 1 is the reference point for the PMS plan — the PMS data sources and indicators have to reflect the actual intended purpose and patient population, not a generic version. The risk management file in Annex II Section 5, built under EN ISO 14971:2019+A11:2021, is a bidirectional link: the PMS plan feeds new hazards and new frequency data into the risk file, and the risk file feeds thresholds and priority hazards into the PMS monitoring. The clinical evaluation report in Annex II Section 6 is updated using PMCF data collected under Annex III and fed back through the clinical evaluation cycle. The labelling and IFU in Annex II Section 2 are updated when PMS findings require a new warning, a new contraindication, or a clarified use instruction.

Every one of these integration points is a place where an auditor will pick a thread and follow it across both files. If the thread breaks — if a PMS finding exists in Annex III but the risk file in Annex II shows no reassessment, or if the clinical evaluation in Annex II has not ingested the PMCF data in Annex III — the finding is structural and substantive at the same time.

The MDR Annex II structure walkthrough describes the Annex II side; Annex III is the file that lives beside it and feeds into it.

Annex III versus the PMS system itself

One distinction that trips startups up is the difference between the PMS system and the Annex III documentation of it. The system is the actual ongoing activity — the complaint coding, the weekly trend review, the risk file updates, the CAPA triggers. The Annex III documentation is the written representation of that system, together with the reports it produces.

The documentation is not the system. A beautifully written PMS plan that describes an activity nobody is running is a liability, not an asset — it creates an expectation the auditor will check and find unmet. Equally, a working PMS activity with no written plan is an audit finding waiting to happen, because Annex III demands the documentation.

The rule is simple. Write only what you will actually do, and do everything you write. The plan sits on the shelf and describes the reality. The reality produces records the plan can point to. MDCG 2025-10 (December 2025) describes how a proportionate PMS system interacts with the surrounding QMS processes and is the current operational reference for the shape of the Annex III content.

What auditors expect to see

Auditors open Annex III looking for a short, specific set of things. A current PMS plan with a version number and a review date. A named responsible person. Data sources listed with the method of collection and the owner. Indicators and thresholds with the rationale for where the threshold sits. A working link from each threshold to the risk file entry it corresponds to. A recent PMS report or PSUR, with the class-appropriate update frequency respected. A PMCF plan, or a reasoned justification for non-applicability referencing Annex XIV Part B. Evidence that the reports have been used — that is, that findings have been routed into risk management updates, clinical evaluation updates, and where warranted, CAPA.

The fastest way to fail the Annex III audit is to produce the plan and nothing else. The plan is the starter. The reports and the evidence of use are the dish. A first audit that arrives with a plan but no PMS report for a Class I device already on the market, or no PSUR for a Class IIa device past the update deadline, has produced the finding before the auditor has read the first sentence.

Common gaps

  • Annex III folded into Annex II. The PMS section appears as a chapter of the main technical file instead of as a separate annex. The auditor has to dig to find it, and the structural expectation is not met.
  • A plan with no owner. The PMS plan exists but no named person is responsible for running it. When the auditor asks who reviews the data weekly, nobody answers first.
  • Thresholds without rationale. The plan lists indicators and thresholds but cannot explain where the thresholds came from. The risk file and the PMS plan use different numbers for the same hazard.
  • No PMCF justification. PMCF is declared not applicable without a reasoned reference to Annex XIV Part B. Silence is treated as a gap.
  • Reports missing or late. Class IIa PSUR overdue. Class I PMS report not produced since launch. The plan is intact but the outputs are not.
  • No feedback into risk or clinical evaluation. The PMS data exists. The risk file and the clinical evaluation report have not been updated. The loop is written but not closed.
  • Generic text copied from templates. The plan describes a generic device and a generic process instead of the specific one. Placeholder text still present.
  • Website and post-market reality disconnected. Marketing claims added after launch that the PMS plan never ingested and the technical file never reassessed.

Every one of these is preventable. The post on common PMS documentation gaps in startup audits catalogues the full pattern library.

The Subtract to Ship angle

Annex III is one of the places where subtraction pays off most directly, because the temptation to produce a large, impressive-looking PMS plan is high and the cost of producing a plan the team cannot actually run is higher still. The right Annex III document for a small MedTech startup is short, specific, and lived. Every data source in the plan has to be one the team will actually monitor. Every indicator has to be one someone will actually calculate. Every threshold has to be one someone will actually act on. Anything the team will not realistically do comes out.

The subtraction discipline is the same one described in the Subtract to Ship framework for MDR. Every element in the plan traces to a specific Annex III requirement and to a specific, named operational activity the company is running. If either trace is missing, the element comes out. What remains is smaller than a generic template and more likely to survive the audit, because it describes reality rather than aspiration.

A Class I digital health startup can run a compliant Annex III with a plan under ten pages and a PMS report updated on a cadence the team can sustain. A Class IIa device needs more, proportionate to the class. The rule does not change with class — the rule is that the plan is lived.

Reality Check — Where do you stand?

  1. Do you have a separate Annex III file, or is post-market surveillance a chapter inside your Annex II technical documentation?
  2. Does your PMS plan have a version number, a review date, and a single named owner who runs the weekly or monthly review?
  3. Can you list the data sources in your PMS plan — and for each, name the person who collects the data and the method of analysis?
  4. Do the thresholds in your PMS plan match the severity categories in your ISO 14971 risk file, and can you explain the rationale for each one?
  5. For a Class I device already on the market, have you produced a PMS report under Article 85? For Class IIa, is your PSUR under Article 86 current? For Class IIb or III, is it updated at least annually?
  6. If PMCF is not applicable to your device, is the justification in your PMS plan written against Annex XIV Part B specifically?
  7. When the last PMS finding arrived, did it trigger a documented update to the risk file, the clinical evaluation, or the labelling — or did it sit in the complaint log?
  8. If the auditor asked to see the last PSUR and the last risk file update, could you show how the one fed into the other?

Frequently Asked Questions

What is MDR Annex III and how is it different from Annex II?

Annex III of Regulation (EU) 2017/745 is the technical documentation on post-market surveillance. It contains the PMS plan and the reports the plan produces — the PMS report for Class I devices under Article 85, or the Periodic Safety Update Report (PSUR) for Class IIa, IIb, and III devices under Article 86, plus the PMCF plan and evaluation report under Annex XIV Part B. Annex II is the main technical documentation that demonstrates conformity of the device with the General Safety and Performance Requirements in Annex I. Article 10(4) obliges the manufacturer to maintain both annexes.

Is Annex III a separate file or a section of Annex II?

Separate. Annex III is a distinct annex in the Regulation and is treated as a distinct file in audit practice. It cross-references into Annex II at specific points — the intended purpose, the risk management file, the clinical evaluation — but it is not an appendix to Annex II and should not be folded into it. Startups that treat Annex III as a chapter of Annex II routinely pick up structural findings.

What does Annex III require a PMS plan to contain?

Annex III lists specific elements: a proactive and systematic data collection process, methods and protocols for assessing the data, indicators and thresholds for re-assessing benefit-risk and risk management, methods for investigating complaints and analysing market experience, methods for handling trend reports under Article 88 and vigilance under Articles 87 and 88, procedures for initiating corrective actions, tools for tracing and identifying devices subject to corrective actions, and a PMCF plan per Annex XIV Part B (or a reasoned justification if PMCF is not applicable).

Do Class I devices need Annex III documentation?

Yes. MDR Article 83 requires a proportionate post-market surveillance system for every device regardless of class, and Annex III specifies the documentation. For a Class I device, the periodic deliverable is a PMS report under Article 85 rather than a PSUR. The PMS plan, PMCF considerations, and connections to vigilance and CAPA still apply. MDCG 2025-10 (December 2025) describes the proportionality in practice.

How often does the PSUR need to be updated?

Under Article 86 of Regulation (EU) 2017/745, the PSUR for Class IIa devices is updated when necessary and at least every two years. For Class IIb and Class III devices, the PSUR is updated at least annually. For Class III and implantable devices, the PSUR is part of the technical documentation assessed by the notified body and, once Eudamed is fully functional for this purpose, is uploaded there. Class I devices use the PMS report under Article 85 and update it when necessary.

What is the most common Annex III audit finding?

In our experience, the single most common finding is a PMS plan that is written but not lived — data sources listed without owners, thresholds without rationale, reports missing or late, and no evidence that PMS findings have been fed back into the risk file and the clinical evaluation. The plan sits on the shelf. The activity does not happen. The auditor notices within the first few questions.

Sources

  1. Regulation (EU) 2017/745 of the European Parliament and of the Council of 5 April 2017 on medical devices, Article 10(4) (obligation to draw up technical documentation as set out in Annexes II and III), Article 83 (post-market surveillance system), Article 84 (post-market surveillance plan), Article 85 (post-market surveillance report for Class I devices), Article 86 (Periodic Safety Update Report for Class IIa, IIb, and III devices), Annex II (technical documentation), Annex III (technical documentation on post-market surveillance), Annex XIV Part B (post-market clinical follow-up). Official Journal L 117, 5.5.2017.
  2. EN ISO 13485:2016 + A11:2021 — Medical devices — Quality management systems — Requirements for regulatory purposes.
  3. EN ISO 14971:2019 + A11:2021 — Medical devices — Application of risk management to medical devices.
  4. MDCG 2025-10 — Guidance on post-market surveillance of medical devices and in vitro diagnostic medical devices, December 2025.

This post is part of the Technical Documentation & Labeling series in the Subtract to Ship: MDR blog. Authored by Felix Lenhard and Tibor Zechmeister. Tibor has audited Annex III documentation on both sides of the Notified Body table — as the lead auditor sampling the PMS plan against the reports it produced, and as a founder running the PMS system the plan described. The shelf and the reality have to match. When they do, Annex III is the quietest part of the audit. When they do not, it is the loudest.