QMSEU

EU Medical Device Regulation (MDR) 2017/745 QMS and Technical File

Build a technical file you can maintain through change.

Focus: Annex II/III structure, GSPR traceability, and QMS controls that keep evidence coherent (especially for software updates).

Back to main artifactReview sources
Author
Sorena AI
Published
Feb 22, 2026
Updated
Feb 22, 2026
Sections
4

Structured answer sets in this page tree.

Primary sources
3

Cited legal and guidance references.

Publication metadata
Sorena AI
Published Feb 22, 2026
Updated Feb 22, 2026
Overview

Under MDR, the technical file is not just a folder - it is the output of your QMS. The fastest way to reduce audit pain is to design a technical file index that matches Annex II/III and to build QMS processes (document control, change control, supplier control, PMS/vigilance) that continuously update the evidence chain.

Section 1

QMS controls that matter most under MDR

You do not need a huge procedure library. You need a QMS that keeps the evidence chain coherent across design, clinical, post-market, labeling, and registration work.

Control: every process should have an owner, required records, review cadence, and a retrieval path that works during an audit.

  • Article 10 manufacturer controls: document control, design and change control, supplier control, complaint handling, CAPA, internal audits, management review, and technical-documentation maintenance.
  • Article 15 PRRC coverage: name the responsible person, define release and escalation touchpoints, and keep expertise evidence current. Micro and small enterprises still need permanent and continuous access to a qualified PRRC.
  • UDI governance inside the QMS: Article 10(9)(h) requires verification of UDI assignments and consistency of Article 29 information.
  • PMS and vigilance integration: complaints, trend signals, serious incidents, and FSCA actions should feed CAPA, risk management, CER updates, and label changes.
  • Legacy-device transition control: significant-change assessments, application records, written agreements, and surveillance-transfer files should sit inside the QMS, not outside it.
Section 2

Annex II and III technical documentation: build an index before filling it

A stable Annex II and III index reduces rework and makes reviews faster. The file should tell a consistent story even when the device changes over time.

Output: a technical-file table of contents with document IDs, owner, approval status, and links to the current evidence record.

  • Annex II device description and specification, including intended purpose, variants, accessories, and family logic such as Basic UDI-DI.
  • Annex II design and manufacturing information, including critical suppliers, outsourced processes, and software build or deployment dependencies.
  • Annex II GSPR checklist with explicit evidence links to tests, risk controls, clinical evidence, labeling, usability, and cybersecurity material where relevant.
  • Annex II verification and validation set: bench, biocompatibility, software V and V, performance, usability, sterilisation, packaging, and shelf-life evidence as applicable.
  • Annex III PMS file: PMS plan, PMS report or PSUR, vigilance interfaces, CAPA linkage, and change records showing post-market feedback into the file.
Recommended next step

Keep EU Medical Device Regulation (MDR) 2017/745 QMS and Technical File in one governed evidence system

SSOT can take EU Medical Device Regulation (MDR) 2017/745 QMS and Technical File from reusing this material inside a governed evidence system to a reusable workflow inside Sorena. Teams working on EU Medical Device Regulation (MDR) 2017/745 can keep owners, evidence, and next steps aligned without copying this guide into separate documents.

Evidence system
Open SSOT for EU Medical Device Regulation (MDR) 2017/745 QMS and Technical File

Start from EU Medical Device Regulation (MDR) 2017/745 QMS and Technical File and keep documents, evidence, and control records in one governed system.

Explore next step
Talk to Sorena
Talk through EU Medical Device Regulation (MDR) 2017/745

Review your current process, evidence gaps, and next steps for EU Medical Device Regulation (MDR) 2017/745 QMS and Technical File.

Explore next step
Section 3

GSPR checklist: make it the traceability backbone

A strong GSPR checklist is the fastest way for a reviewer to understand whether the file is coherent. It should act as a map, not a text dump.

Control: each GSPR row should show the requirement, the design control, the verification evidence, the residual risk treatment, and the linked labeling statement where relevant.

  • Map each released claim to the GSPR row and to the exact evidence that supports it.
  • Show where residual risks are communicated, including IFU warnings, training, contraindications, and device limitations.
  • Tie CER conclusions and PMCF decisions back into the GSPR rows that depend on clinical evidence.
  • Keep supplier and software changes visible so the checklist does not drift away from the current design.
  • Check UDI, label, and EUDAMED data consistency as part of the same release gate.
Section 4

Software and frequent updates: add a regulated release dossier

Software devices and connected devices fail audits when releases are treated like routine engineering pushes rather than regulated changes. Build one repeatable release dossier for every production update.

Control: no release closes until the release dossier shows what changed, why it was acceptable, and which downstream records were updated.

  • Define release gates for verification, validation, cybersecurity review, clinical-impact assessment, risk update, label and IFU review, and UDI or registration impact.
  • Keep version history tied to CER updates, risk-management updates, PMS findings, and the registered device identity.
  • For algorithmic software, record new inputs, model retraining, changed automation, new user populations, and changed output claims as explicit review items.
  • Control third-party software components with supplier notifications, vulnerability notices, patch timelines, and deployment verification.
  • Archive screenshots, user-facing output samples, and release notes as controlled evidence because they are often what reviewers use to test intended purpose and classification.
Primary sources

References and citations

Blue Guide 2022 (EUR-Lex)
eur-lex.europa.eu
Referenced sections
  • Cross-cutting guidance on economic operators, compliance concepts, and product-rule implementation.
Related guides

Explore more topics

Applicability Test | EU Medical Device Regulation (MDR) 2017/745 | Is it a Medical Device? Annex XVI? Software Rule 11?
A step-by-step MDR applicability test for Regulation (EU) 2017/745: confirm intended purpose, device definition and exclusions.
CER Template | EU Medical Device Regulation (MDR) 2017/745 | Clinical Evaluation Report Structure (Annex XIV)
A practical Clinical Evaluation Report (CER) template for MDR (Regulation (EU) 2017/745): a copy-ready CER structure aligned to Annex XIV.
Clinical Evaluation Overview | EU Medical Device Regulation (MDR) 2017/745 | CER, Clinical Evidence Strategy, PMCF
A practical MDR clinical evaluation overview: how to define clinical claims and intended purpose, plan the clinical evaluation (CEP).
Compliance Checklist | EU Medical Device Regulation (MDR) 2017/745 | Technical Documentation, Clinical Evaluation, PMS, UDI/EUDAMED
An MDR compliance checklist you can run per device family: scope + role, classification and conformity assessment route, QMS controls (incl.
Compliance Guide | EU Medical Device Regulation (MDR) 2017/745 | QMS, Technical Documentation, Clinical Evaluation, PMS, UDI/EUDAMED
A practical EU MDR compliance guide for Regulation (EU) 2017/745: how to build an MDR operating model from scope and classification to conformity assessment.
Deadlines and Compliance Calendar | EU Medical Device Regulation (MDR) 2017/745 | Transition, Legacy Devices, EUDAMED
A practical MDR deadlines and compliance calendar: MDR application timing, Regulation (EU) 2023/607 transition conditions.
Device Classification Guide | EU Medical Device Regulation (MDR) 2017/745 | Annex VIII + Software Rule 11
A practical MDR device classification guide for Annex VIII: how to write a classification memo, apply implementing rules, decide invasiveness and duration.
FAQ | EU Medical Device Regulation (MDR) 2017/745 | Scope, Classification, Technical File, Clinical Evaluation, UDI/EUDAMED
High-signal EU MDR FAQ: Is my product a medical device? Is my software in scope? What is Rule 11? Do I need a notified body? What goes in the technical file.
MDR vs IVDR | EU Medical Device Regulation (MDR) 2017/745 vs IVDR 2017/746 | Classification, Evidence, UDI/EUDAMED
A practical MDR vs IVDR comparison for mixed device portfolios: scope differences (medical devices vs in vitro diagnostics), classification approaches.
Penalties and Fines | EU Medical Device Regulation (MDR) 2017/745 | Enforcement Risk + How to Reduce Exposure
A practical MDR enforcement guide: how penalties work under EU MDR (sanctions set by Member States), common enforcement triggers (misleading claims.
PMS and Vigilance | EU Medical Device Regulation (MDR) 2017/745 | PMS Plan, PSUR, Serious Incidents, FSCA
A practical MDR PMS and vigilance guide: build the Annex III PMS system, decide when PSUR or PMS report applies, meet serious-incident timelines of 15 days.
PMS Plan Template | EU Medical Device Regulation (MDR) 2017/745 | Annex III-Aligned Outline + Metrics
A practical MDR Post-Market Surveillance (PMS) plan template aligned to MDR Annex III: copy-ready sections for device scope, data sources.
Requirements | EU Medical Device Regulation (MDR) 2017/745 | Core Obligations + Evidence Outputs
A grounded MDR requirements guide for Regulation (EU) 2017/745: scope and role mapping, Annex VIII classification, Article 10 and 15 governance.
Transition Timelines | EU Medical Device Regulation (MDR) 2017/745 | Legacy Devices, 2023/607 Extension, Significant Changes
A practical MDR transition and legacy-device timeline guide: how Article 120 works after Regulation (EU) 2023/607, which conditions must stay true.
UDI and EUDAMED | EU Medical Device Regulation (MDR) 2017/745 | UDI-DI/PI, Basic UDI-DI, Actor Registration, Device Registration
A practical MDR UDI and EUDAMED guide: Basic UDI-DI, UDI-DI, UDI-PI, actor registration and SRN, Article 29 device registration.