Health, Education & Government Life Sciences & Pharma Connected Medical Devices

Post-Market Surveillance

Regulated development and commercialization journeys where clinical, quality, and market access align.

Veeva Greenlight Guru Cognite MedWatch (FDA)
Inside this journey
  1. Pre-Discovery

    Align the room on outcomes, decision process, and constraints before deeper discovery.

    1. Stakeholder Alignment

      Confirm decision roles, timelines, primary compliance obligations, and what 'good' looks like for each stakeholder.

      Alignment Questions

      A Quick Hello — Who's in Front of Us?

      • What's your title and primary responsibility for post-market activities? Options: VP Quality, Director, Post-Market Surveillance, Regulatory Affairs Director, Quality Manager, Head of Clinical Safety, IT / Data Integration Lead, Other
      • Which product families or device lines will you be focused on for this program? (list product names or codes)
      • Who else on your immediate team is expected to be involved day-to-day? Options: Post-Market Surveillance / Vigilance, Regulatory Affairs, Quality / CAPA, Clinical Affairs, Field Service, IT / Data Engineering, Other
      • What is the most important outcome you personally want from improving PMS now? Options: Fewer regulatory deficiencies, Faster signal detection, Reduced manual reporting effort, Clear audit trail, Better cross-team collaboration, Other
      • When you think about past platform projects, what has made you trust a vendor quickly — or lose trust?

      Who Could Quietly Stop This Project?

      • Which stakeholders outside your core team have the power to say ‘no’ or put this on hold, even if everyone else agrees? Options: Legal, Executive Leadership / CEO, Head of R&D, Manufacturing/Operations, Finance, IT Security, Regulatory Competent Authority Liaison, Other
      • Why do you think each of those stakeholders might object—budget, risk, resource, validation burden, or something else? Options: Budget/cost, Validation/regulatory risk, Data security/privacy, Change fatigue, Competing priorities, Technical integration complexity, Lack of clear ROI, Other
      • Tell us about a time a project stalled because an unexpected stakeholder raised concerns—what happened and how was it resolved (or not)?
      • Which of these stakeholders would you want us to engage early to avoid surprises? Options: Executive sponsor, Legal counsel, IT security, Clinical safety lead, Quality assurance, Validation lead, Other
      • If one of those stakeholders could only be shown a single thing to gain their buy-in, what should that be (e.g., cost avoidance, audit trail, validation package)? Options: Cost avoidance/efficiency, Audit-readiness documentation, Evidence of regulatory compliance (MDR/IVDR/FDA), Data security & access controls, Demonstrated signal detection performance, Other

      Timelines That Will Make or Break Us

      • If the timeline slips even a little, where will you feel the pain first—and why? Options: Regulatory deadlines (PSUR/MDR), Product launch or maintenance schedules, Internal reporting cycles, Audit readiness windows, Resource reallocation, Other
      • What specific external deadlines are non-negotiable for you in the next 6–18 months (e.g., MDR report due dates, FDA submissions)?
      • What internal milestones or board check-ins must we align with? Options: Monthly leadership review, Quarterly compliance steering, Product safety committee, Validation sign-off milestones, Other
      • Realistically, how much calendar slack do you have between a project delay and the first regulatory impact? Options: None — immediate risk, 1–2 months, 3–6 months, 6+ months, Unsure
      • If we commit to a target go-live date, what are the single biggest internal blockers that usually prevent you from hitting it? Options: Data readiness, Validation resource, Third-party integrations, Legal/commercial approvals, User training availability, Other

      What Are We Assuming About Compliance That Might Be Wrong?

      • Where do you feel the team has been 'making do' with processes that wouldn’t pass a close regulatory or auditor review?
      • Which regulations are you most anxious about meeting with this project—pick all that apply Options: EU MDR, EU IVDR, US FDA (MDR/MAUDE), UK CA/UK MDR, Other national competent authority, Not sure
      • Have you ever received a finding or observation tied to post-market surveillance or vigilance? What was the nature and impact? Options: Yes — major finding, Yes — minor observation, No, Prefer not to say
      • Which compliance artifacts do you currently lack or find weakest (e.g., traceability matrix, validation evidence, audit logs)? Options: Validation protocol/execution, Data lineage documentation, Audit-ready reports, Algorithm validation, SOPs for surveillance, Other
      • How would you describe your comfort level with the current ability to show 'audit-ready' processes to an inspector? Options: Very comfortable, Somewhat comfortable, Barely comfortable, Not comfortable at all

      When Everyone Says 'Good'—Do They Mean the Same Thing?

      • If we asked Legal, Quality, and the Head of Product to define 'good' for this program, how different do you think those answers would be? Options: Largely aligned, Some overlap, key differences, Mostly different, Completely different
      • For each stakeholder group, what would a successful outcome look like? (List stakeholder → measurable sign of success)
      • Which stakeholder’s definition of success is most likely to require trade-offs, and what trade-offs do you foresee? Options: Quality vs Speed, Cost vs Coverage, Usability vs Rigor, Local process vs Global standardization, Other
      • How important is preserving existing manual workflows versus moving to automated processes? Options: Preserve mostly manual, Hybrid approach preferred, Lean toward automation, Full automation preferred
      • If forced to prioritize, which success metric must we hit first (choose one)? Options: Regulatory submission readiness, Signal detection sensitivity/speed, Reduction in manual effort, Complete audit trail and traceability, Other

      The Data Gatekeepers — Who Controls Your Sources?

      • Who controls access to your primary complaint and adverse event feeds (CRM, field service, clinical safety, literature monitoring)? Options: Complaint CRM team, Field Service Ops, Clinical Safety team, IT / Data Platform, Third-party vendor, Other
      • How confident are you that the data owners will agree to mapped exports and ongoing integration? Options: Very confident, Somewhat confident, Uncertain, Not confident
      • What are the common reasons data owners say 'no' to integrations in your organization? Options: Security concerns, Data quality doubts, Resource constraints, Lack of formal API, Contractual/third-party limits, Other
      • Which data source do you expect to be the trickiest to normalize for signal detection (CRM notes, field service logs, literature, legacy databases)? Options: CRM notes, Field service logs, Adverse event reports, Literature feeds, Legacy systems, Other
      • If a key data owner resists, what compromise would be acceptable to you (e.g., delayed integration phase, partial extracts, anonymized records)? Options: Phased integration, Partial/filtered extracts, Pseudonymized data, Manual handoffs until automated, No compromise – must fully integrate, Other

      How Will We Know We’ve Succeeded (Beyond Feeling Better)?

      • What concrete KPIs will you use to decide this project is a success at 3 months, 6 months, and 12 months?
      • Which of the following outcome measures matter most to your regulators and auditors? Options: Audit documentation completeness, Time-to-signal detection, False positive rate of alerts, Automated submission accuracy, Traceable data lineage, Other
      • What level of reduction in manual effort (hours/week or FTE) would justify the investment to your finance sponsor? Options: <1 FTE, 1–2 FTEs, 3–5 FTEs, >5 FTEs, Unsure
      • How do you prefer acceptance criteria to be documented—detailed test cases, executive sign-off checklist, or both? Options: Detailed test cases, Executive checklist, Both, Other
      • Who will have final sign-off authority for acceptance—name role(s) and their tolerance for risk?

      Governance: Who Keeps This Ship on Course?

      • If we set up a steering committee, who do you insist must be on it and why? Options: Executive sponsor, Head of Quality, Regulatory lead, IT/Data lead, Clinical Safety Lead, Finance, Other
      • How often should governance meetings occur to keep momentum without creating meeting fatigue? Options: Weekly, Bi-weekly, Monthly, Ad-hoc by milestone, Other
      • What decisions need to be escalated versus handled by the project team?
      • Who do you trust to make trade-off decisions when compliance, budget, and timeline conflict? Options: Executive sponsor, Head of Quality, Regulatory Affairs Director, Project Manager, Other
      • What forum or artifact (e.g., decision log, RAID register) has helped you avoid repeated scope churn in previous programs? Options: Decision log, RAID register, Change control board, Weekly status report, Other

      Unspoken Deal-Breakers — Tell Us the Hard Stuff

      • What is a non-negotiable constraint for this program that would cause you to stop the project immediately if unmet? Options: No third-party access to PHI, Complete validation evidence, Meeting specific regulatory date, Budget cap, No changes to core CRM, Other
      • Are there commercial terms or procurement red lines (e.g., liability limits, data residency) that must be resolved before technical work begins? Options: Data residency, Liability cap, IP ownership, Long-term commitment length, None, Other
      • What internal political sensitivities should we avoid when engaging teams or communicating progress?
      • If this program fails, what’s the worst organizational consequence (regulatory action, product recall, leadership fallout)? Options: Regulatory warning/recall, Increased inspections, Leadership consequences, Financial penalties, Reputational damage, Other
      • What's one thing you haven’t told other vendors that we should know to avoid blind spots?

      Early Commitments — Small Bets That Demonstrate Progress

      • Which of these low-risk early wins would be most persuasive to your stakeholders? Options: Proof-of-concept with a single product line, Clean data extract + lineage for one source, Simulated MDR submission, Algorithm sensitivity demo on historical data, Validation template delivery
      • Who needs to see those early wins and in what format (demo, deck, validated report)? Options: Executive sponsor — exec summary, Quality — validation evidence, Regulatory — sample submission, IT — integration specs, All of the above
      • What is a realistic 30/60/90-day success plan that would get broad stakeholder confidence?
      • Would you be open to a short pilot with real data under an NDA to validate assumptions quickly? Options: Yes — eager, Yes — with conditions, Maybe — need more info, No
      • What resources can you commit in the near term (e.g., SME hours, IT support, validation reviewer) to make a fast pilot possible? Options: SME hours, IT integration support, Validation reviewer, Data extraction support, None right now, Other

      Close the Loop — Clear Next Steps and Owners

      • Based on this conversation, what are the top three immediate actions you expect from us?
      • Who on your side will be the day-to-day project owner and who will be the executive sponsor (name/role)?
      • What decision or deliverable would make you comfortable signing an initial statement of work? Options: Pilot scope and success criteria, Validated data mapping for one source, Commercial terms agreed, Regulatory acceptance criteria defined, Other
      • When should we schedule a follow-up meeting to review the pilot plan and stakeholder engagement strategy? Options: Within 1 week, Within 2 weeks, Within 1 month, Other
      • Is there anything we missed in this discussion that could change your priorities or timeline?
    2. Current State Mapping

      Inventory data sources (CRM, field service, adverse event feeds, literature), reporting gaps, and regulatory risk exposures to prioritize.

      Current State

      Quick Snapshot: Who’s on the Field?

      • Who on your team will be the day-to-day owner for post-market surveillance and integrations?
      • Which markets and competent authorities does your product portfolio currently report into? Options: United States (FDA), European Union (MDR/IVDR), United Kingdom (MHRA), Other regulated markets
      • Roughly how many distinct medical device SKUs or device families are in active post-market surveillance today? Options: 1–5, 6–25, 26–100, 100+
      • What systems currently store complaint and field data (select all that apply)? Options: CRM (Salesforce, Dynamics, other), Field service management, Safety/adverse event system, Literature monitoring feeds, Spreadsheets/Shared drives, Other
      • Who is your single point of contact for integrations and IT security approvals?

      Are You Missing the Signals That Matter?

      • Tell us about a time when a safety issue emerged late—what signs existed beforehand that were missed?
      • How do you currently define an emerging signal versus routine variation? Options: Statistical trending thresholds, Clinical review, Manual suspicion/intuition, Regulatory trigger lists, Other
      • How confident are you that your current process would detect a low-frequency but high-severity signal in time to meet reporting requirements? Options: Very confident, Somewhat confident, Not confident, Unsure
      • Which types of signals do you worry are most likely to be overlooked? Options: Field service patterns, Customer complaints re pattern, Literature case clusters, Adverse events across regions, Software-related issues, Other
      • How often do you review sensitivity and specificity of your trending methods? Options: Monthly, Quarterly, Annually, Rarely/Never

      Where Does the Noise Live? Mapping Your Data Blockages

      • What percentage of complaint and service records are digitized and accessible for automated analysis today? Options: >90%, 60–90%, 30–59%, <30%
      • Which of these best describes where your most valuable surveillance data is stored? Options: Centralized data warehouse, Multiple departmental systems, CRM is primary but not structured, Ad hoc spreadsheets and emails, Other
      • Do you have consistent device identifiers (UDI, catalog numbers, serial) across systems to enable traceability? Options: Yes, standard across systems, Partially consistent, No, inconsistent or missing, We use different identifiers per system
      • Which technical connectors are available for the systems you want integrated? Options: REST API, SFTP/flat file exports, Direct DB access, Vendor connectors available, None/Manual only
      • Describe the most common data quality issues you see (e.g., missing fields, inconsistent coding, duplicates).
      • Who currently owns reconciliation and remediation when data quality issues are found? Options: Quality/Regulatory, IT/Data team, Business unit, Shared ownership, Not defined

      When Reports Become a Bottleneck

      • How long does it typically take to produce a full PSUR or EU MDR periodic report from initial data pull to final sign-off? Options: <2 weeks, 2–4 weeks, 1–3 months, >3 months
      • Which steps in your reporting process are most manual or error-prone? Options: Data extraction, Data cleaning/mapping, Signal review and adjudication, Report assembly and formatting, Regulatory submission process
      • Have you missed statutory reporting deadlines in the past 3 years? If yes, what caused the delay? Options: No missed deadlines, Yes—data availability, Yes—review/approval bottleneck, Yes—technical submission failure, Other
      • How do you currently document audit trails and traceability for report contents? Options: System-generated audit logs, Manual change logs, Not consistently documented, Third-party validation documents, Other
      • In a crisis requiring urgent vigilance submission, what is your typical time-to-submission today? Options: <24 hours, 24–72 hours, 3–7 days, >7 days

      What’s Really Risking Your License to Operate?

      • If a regulator audited your post-market surveillance tomorrow, where would you expect the toughest questions to land? Options: Data integrity and lineage, Signal detection methodology, Traceability to devices, Timeliness of reporting, Validation and change control
      • Have you received any regulatory observations, CAPAs, or warning letters related to post-market surveillance in the last five years? Please summarize.
      • How formalized is your method for prioritizing regulatory risk exposures (e.g., risk matrix, RAG status)? Options: Formalized and tracked, Informal but used, Ad hoc decisions, Not defined
      • Who signs off on acceptance criteria that determine when a signal becomes a reportable event? Options: Head of Quality, Head of RA, Cross-functional safety board, Ad hoc reviewers, Not defined
      • How stressed or resourced is your team during peak reporting periods? Options: Well resourced, Manageable strain, Significant strain, Unsustainable

      What Would Audit-Ready, Automated Surveillance Look Like?

      • Imagine your ideal state: how sensitive should signal detection be (e.g., favor fewer false positives vs. maximize catch rate)? Options: Maximize sensitivity (catch all), Balanced, Favor specificity (fewer false positives), Unsure—need guidance
      • Which automated outputs would deliver the most value for you right away? Options: Automated MDR/vigilance submissions, Pre-populated PSUR drafts, Trend dashboards by device family, Alert workflows to reviewers, Data lineage reports for auditors
      • What measurable success signals would show you the solution is working (choose up to three)? Options: Faster report generation time, Fewer missed reportables, Higher confidence in trending, Reduced manual effort, Stronger audit outcomes
      • What level of explainability do you require for trending algorithms in audit (e.g., statistical detail, adjustable thresholds, human-readable rationale)? Options: Full statistical detail, Configurable thresholds + summary, High-level rationale only, Unsure
      • How would achieving that ideal change day-to-day life for your team and stakeholders?

      What Would It Really Take to Change?

      • If we proposed an integration and pilot, what would be the single biggest internal obstacle to moving forward? Options: Budget, IT approvals/security, Validation effort, Stakeholder alignment, Change fatigue
      • Which groups must be involved and signed off for you to proceed (select all that apply)? Options: Quality/Compliance, Regulatory Affairs, IT/Security, Clinical, Legal, Executive sponsor
      • What is your target decision timeline for selecting a post-market surveillance platform? Options: Immediately/This month, 1–3 months, 3–6 months, 6+ months
      • What level of integration and validation support would you expect from a vendor to consider a pilot successful? Options: Full integration + IQ/OQ/PQ deliverables, Partial integration + validation playbook, Advisory support only, We define requirements
      • What budget posture exists for this initiative and who controls allocation? Options: Dedicated budget in place, Budget under review, Cross-functional funding required, No budget yet
      • What would ‘success’ look like at the end of a 3-month pilot (be specific)?

      One Last Thing: Practical Next Steps and Quick Wins

      • Which small, high-impact data source could we integrate first to prove value quickly? Options: CRM complaints, Field service logs, Adverse event system, Literature alerts, Device registries
      • Who should be on a 30-minute technical discovery to confirm connectors and security requirements?
      • Would you find it helpful to run a short data health checklist together to estimate effort and timelines? Options: Yes—schedule it, Maybe—need more info, No
      • What is the best way to show early ROI to your leadership (select top two)? Options: Time saved per report, Reduced missed reportables, Audit-ready documentation, Lower external consulting spend, Faster regulatory response time
      • Is there any other context, sensitive issues, or recent changes we should know before proposing a pilot?
  2. Outcome Discovery

    Define target outcomes—signal detection sensitivity, automated report cadence, and audit-ready traceability—and measurable success signals.

    Discovery Questions

    Quick Intro: Your Post-Market World

    • In one sentence, what is your top priority for post-market surveillance this year?
    • Which geographic markets and product lines are highest priority for meeting MDR/IVDR and FDA obligations right now? Options: EU (MDR/IVDR), United States (FDA), Canada, Other regulated markets (specify), All markets equally
    • How large is the core team accountable for post-market surveillance and regulatory reporting? Options: 1–2 people, 3–5 people, 6–10 people, 11–20 people, 20+ people
    • Which systems currently hold your complaint and adverse event data? Options: CRM (Salesforce, Zendesk, etc.), Field service system, Safety/adverse event case system, Literature monitoring feeds, Spreadsheets / Shared drives, Other
    • How would you describe your team’s current emotional state about PMS work—confident, stretched, reactive, or resigned? Options: Confident, Stretched, Reactive/always firefighting, Resigned/accepting gaps, Optimistic about improvement

    Are We Missing the Signals?

    • What safety signals do you suspect have slipped under your radar in the past 12 months?
    • How frequently do you believe a meaningful signal emerges that your current process fails to detect? Options: Monthly, Quarterly, Twice a year, Annually, Rarely/never
    • Where are the blind spots most often: complaint classification, trend thresholds, literature, field service, or cross-system correlation? Options: Complaint classification, Trend thresholds/algorithms, Literature monitoring, Field service records, Cross-system correlation, All of the above
    • Who usually notices a potential signal first (role or team), and what typically happens next?
    • If you had to quantify the chance that an emerging issue is missed before it becomes reportable, what percent would you assign? Options: 0–10%, 11–25%, 26–50%, 51–75%, 76–100%
    • What emotions surface when you think about a missed signal (fear, frustration, embarrassment, financial worry, other)? Options: Fear, Frustration, Embarrassment, Financial worry, Regulatory anxiety, Other

    What's the Cost of 'Good Enough'?

    • If an auditor or regulator reviewed your PMS program right now, which gap would most likely trigger a finding?
    • What has been the most tangible consequence of current PMS gaps—late reports, rework, CAPAs, recalls, or near-miss citations? Options: Late regulatory submissions, Excessive manual rework, CAPA backlogs, Product corrective actions/recalls, Regulatory citations/observations, Unquantified business risk
    • How many person-hours per month does your team spend assembling or validating post-market reports? Options: <20 hours, 20–80 hours, 81–200 hours, 201–500 hours, 500+ hours
    • Where do you see the worst waste of time—manual data pulls, inconsistent classification, algorithm tuning, or report formatting? Options: Manual data pulls, Inconsistent classification, Algorithm tuning/false positives, Report formatting and edits, Audit documentation
    • Describe a recent near-miss or scramble that made you think 'we need a better system'—what happened and who paid the price?

    What Keeps Your Team Awake at Night?

    • Which single post-market process would you call 'most likely to fail under pressure'? Options: Signal detection/trending, Case intake and classification, Regulatory report generation, Data lineage and traceability, Validation and change control
    • How often do urgent regulatory questions derail your planned work—daily, weekly, monthly, rarely? Options: Daily, Weekly, Monthly, Rarely
    • When timelines compress, what do you cut or compromise on—validation steps, documentation completeness, or stakeholder review? Options: Skip validation steps, Reduce documentation detail, Limit stakeholder review, Delay non-urgent tasks, Other
    • Who are the internal stakeholders that most resist changes to PMS processes and why? Options: Quality leadership, Regulatory affairs, Clinical, IT/Integration teams, Business/product owners, Other
    • How does the stress of these pressure points show up in team behavior or morale?
    • What would be the immediate operational benefit if that highest-risk process never failed again?

    Imagine Audit-Ready Confidence

    • What would it look and feel like if every safety signal, report, and change had audit-ready traceability by default?
    • Which measurable success signals matter most to you: earlier detection, fewer false positives, percent automation of reports, or auditor pass rate? Options: Earlier detection (time to signal), Reduced false positives, Percent automation of reports, Audit pass / zero observations, Reduced person-hours per report
    • For signal detection sensitivity, which trade-off do you prefer: higher sensitivity (more alerts) or higher specificity (fewer false alarms)? Options: Higher sensitivity, Higher specificity, Balanced/Adaptive
    • What automated report cadence would meaningfully reduce your workload—ad hoc on signal, monthly, quarterly, annually, or per-regulator schedule? Options: Ad hoc on signal, Monthly, Quarterly, Annually, Per-regulator schedule (custom)
    • If we proved a 30–50% reduction in report preparation time, what would that enable your team to do differently?

    The Data Story: Where Truth Lives

    • How confident are you that key data mappings (device identifiers, complaint categories, timelines) are accurate across systems? Options: Very confident, Somewhat confident, Neutral, Somewhat unconfident, Not confident at all
    • Which data quality issues cause the most problems: missing fields, inconsistent taxonomy, duplicate records, or delayed ingestion? Options: Missing fields, Inconsistent taxonomy/classification, Duplicate records, Delayed ingestion/latency, Incorrect lineage
    • Which systems must integrate for a successful implementation (select all that apply)? Options: CRM (name vendor), Field service system, EHR/clinical feeds, Literature monitoring tool, Safety case management system, ERP/UDI registry, Other
    • Who owns data quality and mappings today, and how quickly can they support an integration project? Options: Quality team, Regulatory team, IT/data team, Third-party consultants, No clear owner
    • When data conflicts appear, what governance or escalation path do you use?
    • Describe a recent example where poor data lineage led to rework or regulatory risk—what was the root cause?

    What Would Change If We Could?

    • If you could remove one bottleneck from the PMS lifecycle in 30 days, which would create the biggest regulatory and business impact? Options: Automated classification of complaints, Real-time trend detection, Auto-generation of MDR/PSUR templates, Unified data lineage and audit trail, Faster integration with CRM/field service
    • What internal barriers would we need to clear to make that 30-day change stick (budget, resources, validation, executive buy-in)? Options: Budget approval, Dedicated resources, Validation plan and time, Executive sponsorship, IT integration windows, Other
    • How do you prefer to pilot changes: single product family, single market, or single process (e.g., trending) first? Options: Single product family, Single market/region, Single process pilot, Organization-wide pilot
    • What short-term KPIs would prove success in a pilot (time to signal, report automation %, reduction in hours)? Options: Time to signal, Report automation %, Reduction in person-hours, Number of audit observations, Improved stakeholder satisfaction
    • Who are the internal champions and blockers you would want involved on day one?

    Agreeing What Success Means and Next Steps

    • If we put an implementation plan on the table today, what is the single non-negotiable acceptance criterion you’d require at handover?
    • Which validation deliverables must be included for your quality system to accept a new PMS capability? Options: Test scripts and results, Traceability matrix, User acceptance sign-off, Validation summary report, Regulatory submission test cases
    • What commercial or timing constraints could block a decision this quarter? Options: Budget cycle, Procurement lead time, Contract approvals, Resource availability, Other
    • Realistically, when would your team be ready to start a pilot or integration project? Options: Immediately, In 1–2 months, In 3–6 months, Later this year, Unsure
    • What would you like our next interaction to deliver—a demo using your data, a mapping workshop, a pilot proposal, or an executive briefing? Options: Demo using your data, Data mapping workshop, Pilot proposal and timeline, Executive briefing on risk/ROI, Cost estimate
    • Is there anything we haven’t asked that would change how you evaluate PMS solutions? If so, please tell us.
  3. Solution Experience

    Apply the customer’s data and scenarios to demonstrate how the platform detects signals, consolidates complaints, and produces MDR/PSUR/vigilance outputs to achieve outcomes.

    Experience Meetings

    • Data & Scenario Readiness (Pre-Experience Alignment)
    • Live Signal Detection Workshop (Diagnosis → Proof → Validation)
    • Complaint Consolidation & Regulatory Output Generation
    • Validation & Acceptance Review (Pilot Decision)
    • Customer: Provide 3–5 high-priority scenarios (example incidents) to be used as validation cases in the live demo.
    • Identify any remaining data gaps or scenario exceptions to be addressed before regulatory report generation.
    • Seller: Produce a report of all signals detected during the workshop with rationale and performance metrics (precision/recall estimates).
    • Customer: Provide feedback on each validated signal and supply any missing context or follow-up documents.
    • Seller: Implement agreed tuning changes and re-run detection on full sample dataset; deliver results.
    • Customer: Confirm additional scenarios or edge cases to be included in the next run.
    • Frame Regulatory Acceptance Criteria
    • Prove the platform can generate MDR/PSUR/vigilance outputs that meet the customer's documented acceptance criteria.
    • Validate audit-ready traceability from raw complaint to regulatory submission artifacts.
    • Agree the list of template changes and owners to finalize regulatory outputs for pilot testing.
    • Seller: Export and deliver the draft MDR, PSUR, and vigilance documents generated during the session for legal/regulatory review.
    • Customer: Review drafts against internal regulatory checklist and return detailed feedback within X business days.
    • Seller: Update report templates and workflows per agreed adjustments and document versioning for validation.
    • Customer: Assign regulatory SME to confirm acceptance or list required edits for each report type.
    • Recap Success Signals and Acceptance Criteria
    • Obtain final acceptance (or conditional acceptance) that the Solution Experience proves the defined future state outcomes.
    • Agree remediation tasks with owners and timelines for any gaps needed to reach acceptance.
    • Confirm handoff requirements and artifacts needed for the Deployment and Validation Checklist stages.
    • Seller: Compile a validation pack (data lineage, signal metrics, consolidated case logs, draft reports) and deliver to customer.
    • Customer: Provide formal sign-off or a prioritized remediation list with owners and due dates.
    • Seller & Customer: Schedule follow-up gating call to confirm remediation completion and pilot go/no-go decision.
    • Capture a single-sentence current state that every participant agrees is accurate.
    • Document the explicit consequence of the current state in measurable terms (time, cost, regulatory risk).
    • Agree on a single-sentence future state outcome that the Solution Experience must prove.
    • Confirm availability and delivery timeline of masked sample data and representative scenarios needed for the live session.
    • Customer: Deliver masked sample extract(s) (complaints, service logs, adverse events, literature) covering X months by [date].
    • Seller: Prepare ingestion pipeline and mapping template for the provided sample(s).
    • Introductions & Meeting Objectives
    • Seller: Share pre-demo checklist and run a dry ingest in a staging environment before the live workshop.
    • Recap Preconditions (Current state, Consequence, Future state)
    • Demonstrate with customer data that the platform identifies the prioritized signals that map to the customer's future-state outcome.
    • Validate, in-line, that detections and consolidations reflect customer expectations for signal accuracy and triage workload reduction.
    • Agree on algorithm thresholds and rule changes required for pilot acceptance.
    • Confirm Current State (one sentence)
    • Demonstrate Complaint Consolidation to Case Drafts
    • Presentation of Validation Evidence
    • Live Ingest & Mapping Confirmation
    • Gap Review & Remediation Plan
    • Detection Walkthrough: Algorithm Behavior on Customer Data
    • Generate Draft MDR/PSUR/Vigilance Reports
    • Surface Consequence (one sentence)
    • Formal Acceptance or Conditional Sign-off
    • Audit Trail & Traceability Review
    • Triage & Consolidation: Case Creation and De-duplication
    • Define Future State Outcomes (one sentence)
    • Data Inventory & Sample Mapping Review
    • Validation Checkpoint: Force Customer Confirmation
    • Validation Check: Compare Drafts to Acceptance Criteria
    • Next Milestones and Handoff to Deployment
    • Adjust Thresholds & Re-run (if needed)
    • Agree Template and Process Adjustments
    • Pre-demo Validation Checklist & Responsibilities
    • Summary of Findings & Agreed Tuning
  4. Solution Scope

    Define modules, integrations, trending algorithms, report templates, validation deliverables, and responsibilities for compliance and operations.

    Scope Configuration

    • Ingest and Normalize CRM Complaint Data
    • Integrate Field Service Records and Logs
    • Map, De-duplicate, and Consolidate Cases
    • Configure Trending and Signal-Detection Algorithms
    • Deploy Automated FDA MDR Submission Workflows
    • Deploy Automated EU MDR/Vigilance Report Generation
    • Set Up Literature and External Source Monitoring Feeds
    • Generate Post-Market Surveillance Reports (PMSR)
    • Generate Periodic Safety Update Reports (PSUR)
    • Link Surveillance Events to CAPA Workflows
    • Configure Product-Family Performance Dashboards
    • Provide Validation Packages (IQ/OQ/PQ) and Traceability
    • Enable Role-Based Access Controls and Audit Trails
    • Migrate Historical Complaint and Adverse Event Archives

    Scope Questions

    Ingest and Normalize CRM Complaint Data

    • Which CRM systems or complaint intake sources must be ingested? Options: Salesforce, Microsoft Dynamics, ServiceNow, Zendesk, Custom/Proprietary CRM, Other
    • What is the expected daily/weekly complaint volume to ingest? Options: Less than 10/day, 10-100/day, 100-500/day, More than 500/day
    • How is complaint data currently exported from your CRM (API, CSV/Excel, DB dump, other)? Options: API, CSV/Excel exports, Database export (SQL), Manual export (ad hoc), Other
    • Do you require mapping of custom CRM fields to surveillance data model? Options: Yes, No
    • Which coding standards or normalizations are required (e.g., MedDRA, custom codes, free-text NLP)? Options: MedDRA coding, Custom internal codes, Free-text NLP normalization, No coding required, Other
    • If there are privacy or data residency constraints for CRM data (e.g., EU data residency, HIPAA), describe them.

    Integrate Field Service Records and Logs

    • Which field service systems or formats must be integrated? Options: IFS/ServiceMax, SAP Field Service, Custom CSV/Excel logs, IoT/telemetry platforms, Other
    • Do field service records include device serial numbers or lot identifiers for linkage? Options: Yes, No, Partial/Some records
    • What is the frequency of field service data updates (real-time, daily batch, weekly)? Options: Real-time/streaming, Hourly, Daily, Weekly, Ad hoc
    • Are telemetry or sensor logs part of the field data set that should be parsed? Options: Yes, No
    • Do you require linkage rules between field service events and complaint/adverse event cases? Options: Yes, automatic linkage by serial/lot, Yes, manual review recommended, No linkage required
    • Please list any proprietary file formats, schemas, or APIs the field service integration must support.

    Map, De-duplicate, and Consolidate Cases

    • What primary identifiers should be used for case matching (serial number, patient ID, contact, incident date)? Options: Device serial/UDI, Patient/subject ID, Customer account, Date/time and location, Other
    • What is your preferred de-duplication rule: strict match, fuzzy match, or human review threshold? Options: Strict exact match, Fuzzy match with score threshold, Always require human review, Hybrid - automated then human
    • Do you want consolidation across sources (CRM, field service, literature) into a single case record? Options: Yes, always consolidate, Yes, consolidate with human validation, No, keep source records separate
    • What minimum data elements must be present for an automated consolidation to proceed? Options: Serial/UDI + event date, Reporter contact + description, Product model + incident details, Custom (please specify in next field)
    • What tolerance for false positives/false negatives in dedupe do you accept (e.g., allow 1% manual review rate)?
    • Who should own final consolidated case review and approval (role/title)?

    Configure Trending and Signal-Detection Algorithms

    • Which product dimensions should trending be stratified by (model, lot, manufacturing site, geography)? Options: Product model, Lot/lot number, Manufacturing site, Country/region, Clinical indication, Other
    • Which algorithm types do you prefer or require (e.g., disproportionality, control charts, Poisson CUSUM, Bayesian)? Options: Control charts (Shewhart/CUSUM), Disproportionality methods, Time-to-event/Bayesian, Custom statistical model, Unsure - advise us
    • What sensitivity vs. specificity tradeoff is preferred for alerts (high sensitivity - more alerts, high specificity - fewer alerts)? Options: High sensitivity (catch early signals), Balanced, High specificity (reduce false alerts)
    • What baseline historical window should algorithms use for comparison (e.g., 6 months, 12 months)? Options: 3 months, 6 months, 12 months, 24 months, Custom
    • Do you require algorithm parameter tuning and documentation for regulatory validation? Options: Yes, full parameterization and documentation, Yes, basic documentation, No, use default settings
    • Are there specific signals or event types that must be prioritized (e.g., serious injury, death, malfunction)?

    Deploy Automated FDA MDR Submission Workflows

    • Do you currently submit MDRs electronically (e.g., FDA eMDR, legacy methods)? Options: Yes - FDA eMDR, Yes - proprietary automated process, No - manual submissions, Other
    • Which submission types should be automated (5-day reports, 30-day follow-ups, supplemental reports, MDR narrative generation)? Options: 5-day (death/serious), 30-day follow-up, Supplemental MDRs, All of the above, Other
    • What information must be included in automated submissions (reporter identity, manufacturer contact, device identifiers)?
    • Do you require pre-submission human review/approval gates for automated MDRs? Options: Yes, mandatory review, Recommended but optional, No, fully automated
    • Are there internal escalation rules or timelines tied to MDR generation that the workflow must trigger? Options: Yes, defined escalation rules, No formal rules, Partially defined
    • What validation or audit evidence is required to demonstrate correct MDR generation and submission? Options: Submission logs and receipts, Documented test cases and results, Traceability matrix, All of the above, Other

    Deploy Automated EU MDR/Vigilance Report Generation

    • Which EU reports must be generated automatically (PSUR, Periodic Safety Reports, Serious Incident Reports, Field Safety Corrective Actions)? Options: Periodic Safety Update Report (PSUR), Periodic Benefit-Risk evaluation report (PBRER)/PMSR, Serious Incident Reports, FSCA/Field Safety Notices, Other
    • Do you need EUDAMED submission support and which modules are relevant? Options: Yes - vigilance module, Yes - UDI/device registration, No / EUDAMED not yet required, Unsure - advise
    • Should report narratives and templates be localized (languages, national competent authority formats)? Options: Yes, multi-language, Yes, single EU language, No - English only
    • Do you require a draft-for-review step before finalizing EU reports? Options: Yes, mandatory review, Optional review, No, generate final reports automatically
    • What cadence is required for periodic reports (annual, quarterly, custom)? Options: Quarterly, Bi-annual, Annual, Custom
    • Are there specific MAH/Distributor responsibilities or sign-off requirements to capture in the workflow?

    Set Up Literature and External Source Monitoring Feeds

    • Which external sources should be monitored (PubMed, clinicaltrials.gov, MAUDE/FAERS, regulatory advisories, social media)? Options: PubMed/Medline, ClinicalTrials.gov, MAUDE/FAERS, Regulatory/Competent Authority bulletins, Literature aggregators (Embase), Other
    • What frequency of literature scanning do you require (daily, weekly, monthly, continuous)? Options: Continuous/real-time, Daily, Weekly, Monthly, On demand
    • Should literature-derived signals automatically create surveillance cases or only surface as alerts for review? Options: Auto-create cases, Create drafts for review, Only alerts, no case creation
    • Do you require language translation or multi-language monitoring? Options: Yes, translation required, No, English only, Limited languages (specify)
    • How should literature matches be de-duplicated against internal cases (link by DOI, study ID, keywords, patient details)? Options: DOI/Study ID linking, Keyword similarity, Manual review for linking, Other
    • Please list any subscription-based sources or paywalled services the integration must support.

    Generate Post-Market Surveillance Reports (PMSR)

    • What PMSR template or regulatory structure must reports follow? Options: Company standard template, EU MDR PMSR template, Custom regulatory template, Unsure - need guidance
    • What reporting cadence and reporting window should be used for PMSR generation? Options: Annual, Bi-annual, Quarterly, Custom period
    • Which sections must be auto-populated (signal analysis, trends, corrective actions, benefit-risk conclusions)? Options: Signal analysis, Trend charts and metrics, CAPA status and linkage, Benefit-risk assessment, All of the above
    • Do you require reviewer sign-off workflows and electronic signatures on PMSRs? Options: Yes, mandatory sign-off, Optional sign-off, No sign-off required
    • What level of traceability is needed between report content and source data (e.g., data lineage to individual complaint records)? Options: Full traceability to source records, Summary-level traceability, Minimal traceability
    • Who are the internal owners for PMSR review and approval (roles/titles)?

    Generate Periodic Safety Update Reports (PSUR)

    • Which jurisdictions require PSURs or equivalent periodic safety reports from you? Options: EU (MDR/IVDR), US (FDA) - annual reporting, Other international regulators, Multiple - specify
    • What is the required periodicity and reporting window for PSURs? Options: Annual, Every 6 months, Custom cycle, Product-specific schedule
    • Should PSURs include integrated literature review and aggregated trend data? Options: Yes, include both, Only aggregate data, Only literature summary, No
    • Do you require automated drafting of benefit-risk narratives and proposed actions within the PSUR? Options: Yes, auto-draft suggested text, No, provide data only, Partial - suggest bullet points
    • Are there specific sign-off, distribution, or submission channels for PSURs (e.g., QMS, MAH, distributors)?
    • What archival and versioning requirements do you have for PSURs? Options: Maintain all versions with audit trail, Keep final and major drafts, Other

    Link Surveillance Events to CAPA Workflows

    • Which CAPA or QMS system do you use (e.g., MasterControl, TrackWise, Jira, ServiceNow)? Options: MasterControl, Sparta TrackWise, Jira, ServiceNow, Custom QMS, Other
    • What criteria should automatically trigger a CAPA creation from a surveillance event? Options: Severity (serious injury/death), Trend threshold exceeded, Regulatory obligation, Manual reviewer decision, Other
    • Should CAPA creation be fully automated or require human approval prior to creation? Options: Fully automated, Create draft, require approval, Manual creation only
    • What fields and data must be mapped from the surveillance case to the CAPA record? Options: Root cause analysis fields, Device identifiers and lots, Timeline and evidence attachments, Corrective action owners, All of the above
    • Do you require closed-loop verification that actions from CAPA are reflected back in surveillance metrics? Options: Yes, automatic verification required, Yes, manual confirmation acceptable, No
    • Who are the stakeholders/roles that must be notified or assigned when a CAPA is created?
  5. Mutual Commit

    Finalize commercial terms, acceptance criteria, timelines, and governance required to meet EU MDR, IVDR, and FDA reporting obligations.

    Agreement Modules

    • Statement of Work (SOW)
    • Master Services Agreement (MSA)
    • Order Form / Subscription Agreement
    • Pricing & Payment Schedule
    • Acceptance Criteria & Test Plan
    • Regulatory Compliance Annex
    • Data Processing Agreement (DPA)
    • Service Level Agreement (SLA) & Support
    • Validation Deliverables & Traceability Matrix
    • Implementation Timeline & Milestones
    • Change Order & Scope Management
    • Governance & Steering Committee Charter
    • Security & Penetration Testing Agreement
    • Training & Knowledge Transfer Plan
    • Warranty, Liability & Indemnification
    • Termination, Renewal & Exit Plan
    • Audit Rights & Documentation Access
    • Regulatory Submission Support Agreement
  6. Deployment

    Operationalize rollout with readiness checks, enablement, and compliance validation.

    1. Pre-Deployment Readiness

      Confirm data mappings, access rights, environments, validation plan, and regulatory controls are in place before execution.

      Readiness Questions

      Start Here: A Quick Snapshot of Your World

      • Who is in the room for post-market decisions at your company (names or roles)?
      • Which markets and regulations are highest priority right now? Options: EU MDR, EU IVDR, FDA (US), Other regulated markets (APAC, LATAM), All of the above
      • Roughly how many active device SKUs or product families does your PMS program cover? Options: 1-10, 11-50, 51-200, 200+
      • What are the top three immediate deliverables that keep your team up at night (e.g., MDR reports, PSURs, trending, audits)? Please list.
      • How would you describe your current approach to signal detection? Options: Ad hoc manual review, Rule-based periodic trending, Statistical/algorithmic monitoring, Outsourced or vendor-driven, Not sure
      • How confident do you feel today that your current PMS process would stand up to a regulatory inspection? Options: Very confident, Somewhat confident, Concerned, Not confident at all

      What Could Be Hiding in Plain Sight?

      • If a safety signal today led to a recall, how likely is it that the root cause was visible in your existing data but simply not found? Options: Very likely, Somewhat likely, Unlikely, Unsure
      • Which data sources do you currently rely on for surveillance (select all that apply)? Options: CRM complaints, Field service records, Adverse event inbox, Literature monitoring, Distributor reports, Clinical complaints, Other
      • How regularly are those sources consolidated into a single surveillance view? Options: Daily, Weekly, Monthly, Quarterly, Ad hoc/never
      • Tell us about a time you missed an emerging issue—what signs were present and what stopped the team from acting?
      • How much manual work goes into taking a raw complaint to a reportable event today? Options: Minimal (mostly automated), Moderate (some manual review), High (manual triage and escalation), Unknown
      • Which part of the data pipeline feels most fragile or error-prone to you? Options: Intake/classification, Deduplication/record linkage, Mapping to product families, Trending/algorithms, Report generation, Audit trail

      Who Really Pulls the Trigger on Safety Actions?

      • When a potential signal appears, what usually determines whether it becomes an investigation rather than a note in a tracker? Options: Regulatory threshold, Business impact, Clinical risk, Resourcing capacity, Existing SOPs, Other
      • Which roles must sign off on an MDR or vigilance submission in your organization? Options: Quality Director/VP, Regulatory Affairs, Clinical Safety Lead, Head of Engineering, Legal, Other
      • How aligned are timelines between compliance, operations, and commercial teams when an event needs escalation? Options: Fully aligned, Mostly aligned with occasional delays, Often misaligned, Completely siloed
      • Describe how disputes about reportability are resolved today and how long resolution typically takes.
      • What acceptance criteria do you currently use to close a signal as 'no action'—and how often are those criteria formally documented? Options: Clear and documented, Partially documented, Informal and inconsistent, No formal criteria
      • If decision roles could change tomorrow, what single change would most speed up safe, compliant action?

      Where the Compliance Paper Trail Breaks (and How That Feels)

      • When auditors ask for traceability from complaint intake to regulatory submission, where do you most struggle to produce clean evidence? Options: Data lineage, Versioned reports, Validation records, Investigation files, Sign-off stamps
      • Have you had recent audit findings, warning letters, or regulatory feedback related to post-market surveillance? If yes, what were the themes? Options: Yes—data integrity, Yes—timeliness of reporting, Yes—invalid classification, No recent findings, Prefer not to say
      • How complete are your validation artifacts for the systems used in surveillance (IQ/OQ/PQ, traceability matrices, test scripts)? Options: Complete and up to date, Partially complete, Outdated, Not started/unknown
      • Tell us about a moment when documentation or process gaps created extra risk or rework—what happened and how did it land on the team?
      • Which regulatory controls do you consider non-negotiable to demonstrate before go-live? Options: Data access controls, Audit trails, Validated algorithms, Change control, Retention policies, Other
      • How does it feel internally when an audit exposes PMS weaknesses—embarrassing, urgent, paralyzing, motivating, or something else? Options: Embarrassing, Urgent, Paralyzing, Motivating, Other

      If Reports Came Out Right, Every Time—What Would Change?

      • Imagine MDR/PSUR/FDA reports are delivered accurately and on time for the next 12 months—what immediate business outcomes do you expect? Options: Fewer regulatory actions, Faster corrective actions, Lower cost of compliance, Improved product quality, Stronger executive confidence
      • What specific metrics would convince you the platform is delivering value (e.g., reduction in manual hours, time-to-report, signal detection lead time)? Please prioritize top 3.
      • How important is automated linkage between PMS events and CAPA/engineering workflows to your success? Options: Critical, Very important, Nice to have, Not needed
      • If you could reduce one downstream cost or burden by 50% (e.g., report prep, audit prep, manual triage), which would you choose? Options: Report preparation, Audit preparation, Manual triage, Cross-team coordination, Other
      • What would signal to your executive team that the surveillance program is strategic rather than purely operational?
      • How would your customers or end users notice a meaningful improvement in post-market surveillance? Options: Fewer recalls, Faster responses to complaints, Clearer communications, Improved product safety, They wouldn't notice

      What Implementation Really Looks Like (Not the Sales Pitch)

      • If implementation revealed three hidden integration tasks, how would that change your timeline or budget appetite? Options: Acceptable impact, Moderate concern, Major blocker, Depends on scope
      • Which systems must be connected at go-live (select all that apply)? Options: CRM (complaints), Field service system, EHR/clinical feeds, Literature monitoring tool, Distributor portals, ERP/MDM
      • Do you have a validated test environment strategy (SIT/UAT/PRE-PROD/PROD) and if so, which environments are available today? Options: SIT, UAT, PRE-PROD, PROD only, No environments available
      • Who will own data mappings, and what internal capacity exists for mapping and data cleanup? Options: Quality team, Regulatory team, IT/Integration team, External consultants, Not assigned
      • What are the must-have validation deliverables for your launch (e.g., test scripts, traceability matrix, performance reports) and which are most likely to slow you down?
      • How ready is your IT/security team to grant the access rights needed for integration and ongoing operations? Options: Ready and resourced, Somewhat ready, Understaffed/delayed, Unknown

      One Thing We Could Remove Today—Where Would You Start?

      • If you had to name the single biggest blocker to a smooth go-live, what is it?
      • Which internal stakeholders do we need onboard for a successful pilot and who is the likely executive sponsor?
      • What would success look like after a 90-day pilot (concrete outputs and acceptance criteria)?
      • How much runway (time and budget) do you realistically have to validate, train, and transition teams before regulatory deadlines force prioritization? Options: <1 month, 1-3 months, 3-6 months, 6+ months
      • Which types of training or enablement help your teams adopt new surveillance workflows fastest? Options: Live workshops, Role-based playbooks, Short video modules, On-demand sandbox access, Train-the-trainer
      • Are you open to a staged rollout (pilot product family first) or do you require a big-bang approach? Why? Options: Staged pilot, Big-bang, Undecided
    2. Deployment Enablement

      Execute integrations, configure algorithms and report templates, deliver user training, and coordinate cutover tasks with owners and milestones.

    3. Validation Checklist

      Complete verification: data lineage, trending performance, test MDR/vigilance submissions, documentation for auditors, and formal acceptance.

      Validation Questions

      Quick Intro: Who’s in the Room?

      • Please tell us your name, role, and which part of the product portfolio you represent (brief).
      • Which function best describes where you sit? Options: VP Quality/Head of Quality, Director Post‑Market Surveillance, Regulatory Affairs Director, Head of Safety/Vigilance, Clinical/Medical Safety Lead, IT/Integration Lead, Other
      • Which regulated markets are highest priority for your organization right now? Options: EU (MDR/IVDR), United States (FDA), UK (MHRA), Canada (Health Canada), Australia, Other
      • How many active marketed device families would this program initially cover? Options: 1–5, 6–20, 21–50, 51–200, 200+
      • Roughly how many FTEs are dedicated to post‑market surveillance, vigilance, or complaint handling today? Options: <2, 2–5, 6–15, 16–50, 50+
      • In one sentence, what outcome would make you say this engagement was worth it?

      Are You Comfortable Flying Blind?

      • How often have you felt confident that you would catch an emerging safety signal before it became a regulatory event? Options: Always, Most of the time, Sometimes, Rarely, Never
      • Tell us about a moment when your team discovered a safety issue late—what happened and what was at stake?
      • How frequently do you identify potential signals that later turn out to be meaningful (true positives)? Options: Weekly, Monthly, Quarterly, Annually, Rarely/Never
      • When a potential signal arises, what is your typical time to triage and escalate (from detection to decision)? Options: <24 hours, 1–3 days, 1 week, 2–4 weeks, >1 month
      • What emotions come up for you when you think about missed signals, late reports, or surprise audits? Options: Anxious, Frustrated, Motivated to improve, Resigned/used to it, Other

      Where Your Data Is Hiding (and Why It Matters)

      • If an auditor asked for a full lineage on a complaint today, how many separate systems would you need to query to assemble the story? Options: 1, 2–3, 4–6, 7–10, More than 10
      • Which data sources currently feed your post‑market surveillance view? (select all that apply) Options: CRM/Case management, Field service logs, Adverse event feeds, Clinical literature monitoring, Distributor/complaint portales, Call center transcripts, Device telemetry, None of the above / manual only
      • Which CRM or complaint system is the primary source today? Options: Salesforce Service Cloud, Oracle/Argus, Veeva, Zendesk/Freshdesk, Custom/Legacy, No formal CRM
      • How would you describe the quality of your existing data mappings and unique identifiers across systems? Options: Robust and consistent, Mostly OK with gaps, Weak and inconsistent, Nonexistent
      • What percent of your complaint records are structured (fields) versus unstructured (free text, attachments)? Options: >90% structured, 60–90% structured, 30–60% structured, <30% structured, Unknown
      • What are the top three technical or organizational blockers to connecting those systems? (list)

      What Would a Regulator’s Worst Day Reveal About You?

      • If a regulator requested all records and rationale behind a MDR/MAUDE submission made in the past 12 months, how confident are you that you could provide an audit‑ready trail? Options: Very confident, Somewhat confident, Unsure, Not confident at all
      • Have you had recent audits, FDA inspections, or Competent Authority inquiries that flagged PMS, trending, or reporting gaps? Options: Yes—within 12 months, Yes—1–3 years ago, No, We had internal findings only
      • What formal validation documentation do you currently maintain for your surveillance workflows (e.g., algorithm validation, data mapping verification, user acceptance test scripts)? Options: Full validation package, Partial documentation, Ad hoc notes only, None
      • Who in your organization is accountable for regulatory acceptance criteria and final sign‑off for MDR/vigilance submissions? Options: Head of Regulatory, Head of Quality, Safety/Vigilance Lead, Cross‑functional committee, Not clearly assigned
      • Describe one traceability gap you worry would show up in an audit and what would be required to fix it.

      What If Your System Actually Found the Next Problem?

      • Imagine an early signal that prevents a recall—what would that success look like for your team and patients?
      • Which outcome matters most when measuring signal detection effectiveness? Options: Speed to detection, True positive rate (precision), Sensitivity (recall), Actionable prioritization, Regulatory defensibility
      • How tolerant are you of false positives (noise) if it means catching more true signals? Options: High tolerance, Moderate tolerance, Low tolerance, No tolerance
      • Which cadence do you need for automated reporting and dashboards to feel useful? Options: Real‑time/streaming, Daily, Weekly, Monthly, Quarterly
      • What measurable success signals would make you comfortable to expand a pilot into full deployment? (select up to 3) Options: Reduced time to report, Increased signal detection rate, Fewer regulatory findings, Lower manual processing hours, Faster audit responses, Improved cross‑functional collaboration

      What Needs to Be In Scope to Make This Real?

      • Which functional modules must be included in scope for an initial implementation? Options: Complaint intake & triage, Automated trending & algorithms, Regulatory report generation (MDR/PSUR), Literature monitoring, Field service integration, CAPA linkage, Audit documentation & validation
      • Which integrations will be required as part of scope (select all that apply)? Options: CRM/case system, ERP/service management, EHR/clinical data, Literature providers (e.g., PubMed feed), Third‑party safety databases, Device telematics
      • What kinds of trending algorithms or analytic approaches are you most interested in testing? Options: Disproportionality (PRR/EBGM), Time‑series anomaly detection, Text/semantic clustering, Hybrid rule + ML models, Custom statistical models
      • Which validation deliverables are must‑haves for your QA/regulatory teams? Options: Requirement trace matrix, Algorithm performance report, Data lineage maps, IQ/OQ/PQ scripts, User acceptance test results, SOP updates
      • Who must own operational responsibilities post‑deployment (data steward, surveillance analyst, regulator liaison)? Please name roles and one primary owner each.
      • Are there any hard deadlines (regulatory filings, audits, product launches) that constrain scope or timeline? Please specify dates.

      Can We Agree on a Practical Pilot That Proves Value?

      • If we designed a pilot to demonstrate value in 8–12 weeks, what single objective would make it a success for you?
      • What dataset(s) are available for a focused pilot? (select all that apply) Options: Recent CRM complaints (last 12 months), Field service logs, Adverse event reports, Literature corpus, Synthetic/test dataset only, None available currently
      • What acceptance criteria would you require to sign off the pilot? (select up to 3) Options: Detection of X% more signals, Reduction of manual triage hours by Y%, Validated data lineage for pilot cases, Successful simulated MDR submission, User adoption by core team
      • Who are the decision makers who must approve pilot continuation or commercial terms? Options: VP Quality, Head Regulatory, CRO/CEO, Head of IT, Procurement/Finance
      • What budget posture exists for a pilot and follow‑on deployment? Options: Committed budget, Budget under discussion, Requires business case, No budget yet
      • What would be a realistic launch window for a pilot given your internal constraints? Options: Immediately (within 2 weeks), In 1–2 months, In 3–6 months, Later this year, Unsure

      How Will This Change Feel Day‑to‑Day?

      • Who will be the daily users of the platform and what are their primary frustrations with current tools? Options: Surveillance analysts, Regulatory authors, Quality engineers, Field service managers, IT/integration staff, Other
      • What training or enablement format helps your teams adopt new systems fastest? Options: Hands‑on workshops, Role‑based eLearning, Shadowing and coaching, Quick reference guides, Blended approach
      • Which internal change blockers do you expect (culture, process, tooling, headcount)? Options: Process inertia, Limited headcount, Data ownership disputes, IT priorities, Regulatory skepticism, Other
      • How will you measure user confidence and adoption after deployment? (select up to 3) Options: Login/usage metrics, Time saved per case, Number of validated signals, User satisfaction surveys, Reduction in audit findings
      • If adoption stalls, what escalation path or incentives have historically worked to get teams back on board?

      Next Steps: What Would Success Actually Look Like?

      • Summarize in one paragraph what would need to change for you to declare this project successful at 6 months.
      • Which three KPIs should we track together during implementation and beyond? Options: Time to detect signals, Number of validated signals, Time to MDR submission, Audit response time, Manual processing hours saved, User adoption rate
      • Who else should we bring into the conversation to make decisions faster (names and roles)?
      • What are your biggest remaining concerns about moving forward—technical, regulatory, people, or financial? Options: Technical integration, Regulatory defensibility, User adoption, Budget/ROI, Validation burden, Other
      • Finally, what would you like us to prepare for the next meeting to make it as valuable as possible? Options: High‑level implementation plan, Pilot data checklist, Estimated cost and timeline, Example validation artifacts, Demo using sample data
  7. Success

    Review outcomes against success signals, close remaining gaps, and maintain a shared channel for issues and enhancements.

    Success Reviews

    • Success Outcomes Review — Executive Alignment
    • Gap Resolution Workshop — Tactical Closeout
    • Continuous Improvement & Enhancements Planning
    • Audit & Regulatory Acceptance Review

    Issues & Enhancements

    • Welcome & Objectives
    • Schedule validation test runs and assign validators from regulatory/quality teams.
    • Implement agreed temporary controls for any gaps posing immediate regulatory risk.
    • Update traceability matrix to link remediation tasks to acceptance criteria and audit artifacts.
    • Synthesis of User Feedback & Metrics
    • Create a prioritized backlog of enhancements balancing compliance risk and operational value.
    • Define the shared channel usage, triage, and escalation rules with SLA targets.
    • Agree pilots and validation approach for high-impact enhancements.
    • Publish prioritized enhancement backlog with estimated effort and compliance impact.
    • Configure the shared issues/enhancements channel and document triage/escalation SLAs.
    • Schedule pilot validation windows and identify sample datasets and success metrics.
    • Assign product/engineering owners for top 3 enhancements for next cycle.
    • Validation Deliverables Review
    • Confirm audit pack completeness and that evidence satisfies MDR/IVDR and FDA expectations.
    • Obtain formal sign-off for regulatory readiness or agree an action plan to reach readiness.
    • Agree handover tasks to audit and operational teams with owners and timelines.
    • Finalize and upload the audit pack to the controlled repository with version control.
    • Obtain required sign-offs from QA, Regulatory, and Product for regulatory acceptance.
    • Schedule a mock audit and assign attendees from product, IT, and regulatory to validate readiness.
    • Close any remaining doc gaps and update the validation traceability matrix.
    • Validate measured outcomes against each success signal and surface any deviations.
    • Ensure executives understand consequence of remaining gaps and approve remediation or formal acceptance.
    • Establish owners, timelines, and the shared communication channel for ongoing issues.
    • Produce a concise outcomes report mapping each success signal to measured metrics and gaps.
    • If required, approve and publish the prioritized remediation plan with owners and deadlines.
    • Create the shared issues/enhancements channel and invite named stakeholders.
    • Record formal acceptance decision and archive in project governance folder.
    • Pre-work & Context Check
    • Agree remediation approach and owner for each top-priority gap.
    • Define concrete validation steps and acceptance criteria to prove each gap's closure.
    • Establish timelines and interim mitigations to reduce regulatory exposure.
    • Publish the remediation task list with owners, dependencies, and delivery dates.
    • Current State (one-sentence)
    • Top Gaps Review with Consequence Quantification
    • Prioritization Framework (Compliance Impact/Risk/Value)
    • Data Lineage & Traceability
    • Test MDR/Vigilance Submissions & Evidence
    • Measured Outcomes vs Success Signals
    • Root-Cause Analysis & Option Mapping
    • Roadmap & Resource Planning
    • Shared Channel & Escalation Workflow
    • Define Remediation Tasks, Owners, & Timelines
    • Gap Summary with Consequence
    • Outstanding Documentation Gaps & Regulatory Consequence
    • Pilot/Validation Approach for Enhancements
    • Proof Cases — Diagnosis → Proof → Validation
    • Formal Acceptance Checklist & Handover
    • Validation Plan & Acceptance Criteria
    • Decision & Acceptance Discussion
    • Risk Mitigation & Temporary Controls
    • Next Steps & Governance
First-Party AI

1-2 minutes please — Your AI agent is working

First-Party AI™ can make mistakes. Always check important information.