Vigilance under the MDR is the mandatory system by which manufacturers report serious incidents and field safety corrective actions to the competent authorities of the Member States, so that safety signals from devices on the market are detected, investigated, and acted on across the Union. It is set out in Chapter VII, Section 2 of Regulation (EU) 2017/745. Articles 87 to 92. And the authoritative interpretive guidance is MDCG 2023-3 Rev.2, revised January 2025. Vigilance is not the same as post-market surveillance. PMS is the continuous proactive monitoring system. Vigilance is the reactive reporting arm that activates when a serious event occurs.

By Tibor Zechmeister and Felix Lenhard. Last updated 10 April 2026.

TL;DR

  • Vigilance under MDR is the legal reporting system for serious incidents and field safety corrective actions, governed by Articles 87 to 92 of Regulation (EU) 2017/745.
  • A serious incident is defined in Article 2(65) as any incident that directly or indirectly led, might have led, or might lead to death, serious deterioration in state of health, or a serious public health threat.
  • Vigilance is distinct from post-market surveillance. PMS under Articles 83 to 86 is proactive and continuous. Vigilance is reactive and triggers on a qualifying event.
  • MDCG 2023-3 Rev.2 (January 2025) is the Q&A document used by competent authorities and Notified Bodies to interpret vigilance terms and resolve edge cases.
  • Every manufacturer of every class of device placed on the Union market. Including startups with a single Class I product. Has a vigilance obligation. There is no exemption for small teams.

The arm strap that reshaped how we think about vigilance

A few years back we worked with a small MedTech company making a sleep-tracking device worn on the upper arm. Elegant hardware, small team, months of lab work on materials and biocompatibility. Everything that could be tested pre-market had been tested. The device launched. Then the field started talking back.

The signals were quiet at first. A customer service log here, a user feedback comment there, a distributor query about a skin reaction that did not fit anything in the IFU. Nothing loud. Nothing catastrophic. But a pattern was forming. And that pattern was the reason the MDR treats vigilance as a core obligation and not a formality. Because the question the team had to answer, on a clock, was this: is what we are seeing a serious incident under Article 2(65), and does it have to be reported to the competent authority.

That question. And the system that exists to answer it. Is what vigilance under the MDR is. It is not a filing cabinet. It is not a template. It is a live decision loop that every manufacturer has to run from the day the first unit ships until the last one is withdrawn.

What vigilance is under the MDR

Vigilance under the MDR is the set of legal obligations that govern how manufacturers recognise, report, investigate, and respond to serious incidents and field safety corrective actions involving devices they have placed on the Union market. It is codified in Chapter VII, Section 2 of Regulation (EU) 2017/745, specifically Articles 87 through 92.

Article 87 sets out the reporting obligation for serious incidents and field safety corrective actions. Article 88 governs trend reporting. The obligation to report statistically significant increases in the frequency or severity of non-serious incidents or expected side-effects. Article 89 requires the manufacturer to investigate reported events and sets out the competent authority's role in assessing them. Article 90 covers the analytical work that Member States perform on vigilance data. Article 91 concerns implementing acts on vigilance formats and procedures. Article 92 governs the electronic system for vigilance within Eudamed.

Together, these six articles form the legal skeleton of the vigilance system. The operational flesh on that skeleton comes from MDCG 2023-3 Rev.2. Questions and Answers on vigilance terms and concepts as outlined in Regulation (EU) 2017/745 and Regulation (EU) 2017/746, first published February 2023 and revised in January 2025. When a vigilance question cannot be answered from the Regulation alone, MDCG 2023-3 Rev.2 is where the Commission and competent authorities have written down how they interpret it.

Vigilance versus post-market surveillance. Why they are not the same system

One of the most persistent confusions in startup regulatory work is treating vigilance and post-market surveillance as interchangeable terms. They are not. They are two different obligations, under two different sets of articles, with two different purposes.

Post-market surveillance under Articles 83 to 86 is a proactive, continuous, planned system. Every manufacturer must have a PMS system proportionate to the device's risk class that actively and systematically gathers, records, and analyses relevant data on the quality, performance, and safety of a device throughout its entire lifetime. PMS runs whether anything is going wrong or not. Its job is to see patterns early.

Vigilance under Articles 87 to 92 is reactive. It activates when a specific qualifying event occurs. A serious incident, a field safety corrective action, a statistically significant trend. Its job is to make sure that when something goes wrong, the information gets to the competent authority fast enough that the Union-wide system can respond.

The two systems feed each other. PMS is how most serious incidents are actually detected. Not through dramatic headline events, but through patterns in customer service logs, complaint handling, and trend analysis. Vigilance is how those detected events are escalated to the regulator. For a deeper treatment see What Is Post-Market Surveillance Under MDR?.

What must be reported under vigilance

Three categories of events trigger a vigilance obligation.

Serious incidents under Article 87(1)(a). A serious incident is defined in Article 2(65) as any incident that directly or indirectly led, might have led, or might lead to the death of a patient, user or other person; the temporary or permanent serious deterioration of a patient's, user's or other person's state of health; or a serious public health threat. The key phrases are "directly or indirectly" and "led, might have led, or might lead". Indirect harm counts, and near-miss events count. We cover the classification decision in detail in Serious Incidents Under MDR.

Field safety corrective actions under Article 87(1)(b). An FSCA is any action taken by the manufacturer to reduce a risk of death or serious deterioration associated with a device in use. Recalls, modifications, software updates addressing a safety issue, IFU changes triggered by a safety concern, and device removals from the market are all FSCAs. When a manufacturer initiates one, it is reportable under Article 87.

Trends under Article 88. When the frequency or severity of incidents that are not serious incidents, or of expected side-effects that are documented in the technical documentation, increases significantly and could represent an unacceptable risk, the manufacturer must report the trend to the competent authority. Article 88 is how the MDR catches slow-moving patterns that never individually cross the serious incident threshold but collectively do.

Events that do not meet any of these thresholds are still recorded in the PMS system and feed the Article 86 PSUR or the Article 85 PMS report. Vigilance reporting is the tip of the iceberg. PMS is the rest of it.

To whom a manufacturer reports

Under Article 87(1), the manufacturer reports to the competent authorities of the Member States in which the serious incident occurred or the FSCA was undertaken. The specific national competent authority depends on the country. In Austria, BASG; in Germany, BfArM; in France, ANSM; and so on across the Union. When Eudamed's vigilance module under Article 92 is fully operational, reports flow through the electronic system and are automatically shared with the relevant Member States. In the interim, national reporting channels remain in use as each competent authority directs.

Notified Bodies are not the primary recipients of vigilance reports, but they are informed and they will ask about vigilance activity during surveillance audits of the QMS. An incomplete or poorly documented vigilance process is one of the faster ways to collect a major non-conformity.

Reporting timelines at a glance

Article 87(3) sets the upper limits. The clock starts from the manufacturer's awareness of the event.

  • 2 days after awareness for a serious public health threat is not the rule. That is 10 days. The 2-day rule applies in the event of death or an unanticipated serious deterioration in a person's state of health.
  • 10 days after awareness in the event of a serious public health threat.
  • 15 days after awareness for any other serious incident. This is the default upper limit.

The overarching obligation is to report without delay. The numeric limits are ceilings, not targets. For the full treatment of awareness dates and clock mechanics, see Vigilance Reporting Timelines: 15-Day, 10-Day, and 2-Day Clocks.

How MDCG 2023-3 Rev.2 interprets edge cases

Most vigilance calls are not clean. A signal arrives. Is it an incident at all. If it is, is it serious. Is the harm directly or indirectly linked to the device. Is a use-error an ergonomic design problem or a user failing to read the IFU. Did the clock start when the distributor heard about the event or when the manufacturer's QA team confirmed it.

MDCG 2023-3 Rev.2 exists to answer those questions consistently across the Union. The document is structured as a Q&A and covers the distinction between incidents and serious incidents, the interpretation of "serious deterioration," the treatment of malfunctions that did not harm anyone, how to handle indirect harm, what constitutes a public health threat, how to determine the manufacturer's awareness date, when field safety corrective actions are reportable, how to handle periodic summary reporting for well-understood repetitive events, and how Eudamed interacts with national reporting.

In the arm-strap case, the Q&A was exactly where the decision got made. Some of the skin irritation reports were handled as individual serious incident reports under Article 87. Others were handled as trend reporting under Article 88. The classifications were defended, in writing, against the specific Q&A items. And that documented reasoning is what survived the subsequent Notified Body audit. The document is not binding law, but competent authorities and Notified Bodies treat it as the reference, and unexplained divergence from it is a risk a startup does not need to carry.

What a startup actually has to do

Every manufacturer of every class of device placed on the Union market has a vigilance obligation. There is no small-company exemption. There is no grace period for the first year after CE marking. The obligations are proportionate to risk, not to team size. A three-person startup with a single Class I product still needs a named vigilance owner, a documented process, an intake channel, a decision log, and a path to the competent authority.

The operational minimum under Articles 87 to 92 looks like this. One named vigilance owner. Usually overlapping with the Article 15 Person Responsible for Regulatory Compliance in a small team, but operationally distinct because vigilance decisions have to happen fast and cannot wait for a busy PRRC. One short SOP that maps each step to the specific MDR article or MDCG 2023-3 Rev.2 Q it derives from. One intake channel that catches signals from customer service, sales, distributors, PMS data review, and literature scans. One decision log that records every classification call, the reasoning, and the source references. One escalation path into the CAPA process under the QMS standard EN ISO 13485:2016 + A11:2021 and the risk management process under EN ISO 14971:2019 + A11:2021. And one dry-run exercise on the calendar, at least annually, to make sure the process actually runs under time pressure.

That is the whole thing. It is not a twenty-page SOP. It is a working system.

The Subtract to Ship angle on vigilance

Vigilance is one of the areas where the instinct to add more is strongest, because the stakes are obvious and the regulator is watching. Founders respond by building enormous SOPs, multi-stage approval workflows, and elaborate escalation boards. And then nobody runs them when a signal actually arrives at 6pm on a Friday.

Subtracting in vigilance does not mean cutting legal obligations. Every Article 87 requirement stays. It means cutting the bureaucratic layer that stops the real work from happening. The test is the same test we apply everywhere in the Subtract to Ship framework for MDR: for every step in the process, name the specific article, annex, or MDCG Q the step traces back to. If the trace is clean, the step stays. If there is no trace, the step is ceremony and it comes out. What is left is short enough that the team can actually run it when the signal lands.

Reality Check. Where do you stand?

  1. Can you name, today, the person responsible for classifying serious incidents in your company? Have they read Articles 87 to 92 and MDCG 2023-3 Rev.2 in full?
  2. If a signal arrives at 6pm on a Friday, what is the documented path from intake to classification decision by Monday morning?
  3. Does your team understand the difference between an incident, a serious incident, a trend-reportable event, and a non-reportable observation. And is the reasoning documented for each call?
  4. Is your vigilance system connected to your PMS system, or is it a separate binder that only opens when someone complains loudly?
  5. Do you have a documented decision log for non-reportable events, showing the Regulation and Q&A provisions you relied on?
  6. When was the last dry-run of your vigilance process. A simulated serious incident pushed through the full decision path under time pressure?
  7. If a Notified Body auditor asked you to show the last twelve months of vigilance activity tomorrow, could you?

Frequently Asked Questions

What is vigilance under MDR in one sentence? Vigilance under MDR is the legal system, set out in Articles 87 to 92 of Regulation (EU) 2017/745, by which manufacturers report serious incidents and field safety corrective actions to the competent authorities of the Member States so that safety signals from devices on the Union market are detected, investigated, and acted on.

How is vigilance different from post-market surveillance? Post-market surveillance under Articles 83 to 86 is a proactive, continuous, planned system that gathers and analyses real-world data across a device's entire lifetime. Vigilance under Articles 87 to 92 is reactive and activates when a specific qualifying event. A serious incident, an FSCA, or a reportable trend. Occurs. PMS is how events are typically detected; vigilance is how they are escalated to the regulator.

Does a Class I startup really have to run a vigilance system? Yes. Every manufacturer of every class of device placed on the Union market has a vigilance obligation under Article 87. The obligations scale with risk, not with team size. A three-person company with a single Class I product still needs a named owner, a documented process, an intake channel, and a classification decision log.

What is MDCG 2023-3 Rev.2? MDCG 2023-3 Rev.2 is the Questions and Answers document on vigilance terms and concepts under Regulation (EU) 2017/745 and (EU) 2017/746, first published in February 2023 and revised in January 2025. It is the primary interpretive reference used by competent authorities and Notified Bodies when resolving borderline vigilance questions. Any edge case should be worked through with this document open.

Where does the manufacturer actually send a vigilance report? Under Article 87, reports go to the competent authority of the Member State in which the serious incident occurred or the FSCA was undertaken. Each Member State designates its own competent authority. BASG in Austria, BfArM in Germany, ANSM in France, and so on. When Eudamed's vigilance module under Article 92 is fully operational, reports flow through the electronic system and are shared automatically with the relevant Member States.

Sources

  1. Regulation (EU) 2017/745 of the European Parliament and of the Council of 5 April 2017 on medical devices, Article 2(65) (definition of serious incident), Article 83 (post-market surveillance system), Article 86 (periodic safety update report), Article 87 (reporting of serious incidents and field safety corrective actions), Article 88 (trend reporting), Article 89 (analysis of serious incidents and field safety corrective actions), Article 90 (analysis of vigilance data), Article 91 (implementing acts), Article 92 (electronic system on vigilance and on post-market surveillance). Official Journal L 117, 5.5.2017.
  2. MDCG 2023-3 Rev.2. Questions and Answers on vigilance terms and concepts as outlined in Regulation (EU) 2017/745 and Regulation (EU) 2017/746, first publication February 2023, Revision 2 January 2025.
  3. EN ISO 13485:2016 + A11:2021. Medical devices. Quality management systems. Requirements for regulatory purposes.
  4. EN ISO 14971:2019 + A11:2021. Medical devices. Application of risk management to medical devices.

This post is part of the Post-Market Surveillance & Vigilance series in the Subtract to Ship: MDR blog. Authored by Felix Lenhard and Tibor Zechmeister. Vigilance is where the Regulation stops being an abstraction and starts being a live, running obligation. And where a disciplined, short, article-traced process is the only version that survives contact with a real signal.