In the United States, the Food and Drug Administration (FDA) is the primary agency that monitors medical device usage for safety compliance. Specifically, this work falls under the FDA’s Center for Devices and Radiological Health (CDRH), which is responsible for ensuring that patients and providers have safe, effective, and high-quality medical devices. But the FDA doesn’t work alone. A layered system of manufacturers, hospitals, international regulators, and even patients all play defined roles in tracking device safety after a product reaches the market.
The FDA’s Role in Device Safety
CDRH oversees the entire lifecycle of a medical device, from initial approval through years of real-world use. Once a device is on the market, the agency collects safety reports, monitors trends in adverse events, and has the authority to issue recalls when problems emerge. It maintains several public databases that track device performance, including the Manufacturer and User Facility Device Experience (MAUDE) database, which has collected reports of device-related problems since the early 1990s.
The FDA also operates the Total Product Life Cycle (TPLC) database, which pulls together premarket approval records, adverse event reports from MAUDE, and recall history into a single searchable tool. You can look up a device by name or product category to see its full safety record. This is one of the most practical resources available if you want to check the track record of a specific type of device, though it organizes information by generic device category rather than individual brand names.
Who Is Required to Report Problems
Federal law requires multiple parties to report device-related safety problems, not just manufacturers. The Medical Device Reporting (MDR) system creates overlapping layers of accountability so that problems are less likely to go unnoticed.
Manufacturers carry the heaviest reporting burden. They must submit a report to the FDA within 30 calendar days of becoming aware that one of their devices may have caused or contributed to a death, serious injury, or malfunction. If a problem is urgent enough to require immediate corrective action to prevent substantial public harm, the timeline shrinks to just 5 business days.
Hospitals and other healthcare facilities that use devices (called “user facilities” in regulatory language) are also legally required to file reports when they become aware of a device-related death or serious injury. Distributors who handle devices in the supply chain have their own reporting obligations as well. The MAUDE database categorizes every report by its source: manufacturer, user facility, distributor, or voluntary reporter. This transparency lets anyone reviewing the data understand where safety signals are coming from.
How Patients and Consumers Can Report
Beyond the mandatory reporting channels, the FDA actively encourages patients, caregivers, and healthcare professionals to submit voluntary safety reports through its MedWatch program. You can file a report by completing the MedWatch Online Reporting Form on the FDA’s website, downloading a paper version of the form, or calling 1-800-332-1088 to request one by mail. Reports can also be faxed.
These voluntary reports matter more than many people realize. They often capture problems that fall outside the narrow categories manufacturers are required to report, such as usability issues, unexpected side effects, or patterns of misuse that suggest a device’s instructions are unclear. Voluntary reports have been flowing into the system since 1993 and form a significant portion of the data the FDA uses to detect emerging safety concerns.
How Recalls Work
When the FDA determines that a device poses a safety risk, it can initiate or oversee a recall. Recalls are classified into three tiers based on how dangerous the problem is:
- Class I: The most serious level, where there is a reasonable probability that using the device will cause serious health consequences or death.
- Class II: The device may cause temporary or reversible health problems, or the chance of serious consequences is remote.
- Class III: The device is unlikely to cause any adverse health effects, but still doesn’t meet regulatory standards.
Most recalls are technically voluntary, meaning the manufacturer initiates them after identifying a problem or being notified by the FDA. However, the FDA has the legal authority to mandate a recall if a company refuses to act. All active and past recalls are publicly searchable through the FDA’s databases.
Manufacturer Monitoring After Market Release
Regulatory oversight doesn’t end once a device is approved. Manufacturers are expected to maintain ongoing surveillance programs that actively look for problems rather than simply waiting for complaints to arrive. In both the U.S. and the European Union, this takes the form of structured post-market surveillance plans.
Under the EU’s Medical Device Regulation (2017/745), manufacturers must develop a post-market clinical follow-up (PMCF) plan for each device family. These plans are designed to confirm safety and performance throughout a device’s expected lifetime, identify previously unknown side effects, detect emerging risks based on real-world evidence, and spot patterns of off-label use that might indicate the device’s instructions need updating. For implantable devices and the highest-risk device categories, manufacturers may be required to conduct formal post-market clinical studies with defined sample sizes, endpoints, and statistical justification.
This requirement reflects a broader shift in device regulation: the expectation that safety monitoring is a continuous process, not a one-time checkpoint at the moment of approval.
International Regulators
Outside the United States, separate agencies handle device safety monitoring, each with its own reporting systems and databases.
In the European Union, the European Database on Medical Devices (EUDAMED) serves as the centralized electronic reporting system. Manufacturers and national regulatory authorities report safety incidents into EUDAMED, and the EU Commission uses the aggregated data to perform trend analysis and signal detection across member states. Each EU country also has its own national competent authority that handles local enforcement and incident investigation.
In the United Kingdom, the Medicines and Healthcare products Regulatory Agency (MHRA) monitors device safety. The MHRA manages the Yellow Card scheme, a reporting system originally created for drug side effects but expanded to cover medical devices as well. Healthcare professionals, patients, parents, and caregivers can all submit Yellow Card reports when they suspect a device has caused harm. The MHRA is supported by five regional Yellow Card centres located in Birmingham, Cardiff, Edinburgh, Liverpool, and Newcastle upon Tyne, which work to increase awareness and encourage reporting across the country.
How These Systems Work Together
No single entity monitors device safety in isolation. The system is designed with intentional redundancy. Manufacturers track their own products and report to regulators. Hospitals independently report incidents they witness. Patients fill gaps through voluntary reporting. And regulatory agencies like the FDA, MHRA, and EU national authorities analyze the incoming data, look for patterns, and take enforcement action when needed.
This layered approach exists because any single reporting channel has blind spots. A manufacturer might not learn about a problem if the hospital doesn’t tell them. A hospital might not recognize a pattern across multiple patients. A regulator might not detect a slow-building safety signal without data from all sources feeding into the same system. The overlapping obligations are designed to make it harder for serious problems to slip through undetected.