Post-Market Surveillance (PMS)¶
Post-market surveillance is the proactive and reactive collection and review of real-world experience once the device is in use, so that the Hazard Log, Clinical Evaluation and Clinical Safety Case stay current. This plan describes how the RCPCH conducts PMS for the Digital Growth Charts (dGC) Platform.
An open surveillance model
Most of the dGC Platform's post-market surveillance happens in the open. Because development, issue tracking and discussion are public, the surveillance base is far wider than for a typical closed Health IT system — anyone, anywhere can inspect the code and raise a concern.
Purpose and scope¶
This plan applies to the RCPCH-operated dGC Platform as defined in the Intended Purpose. It covers surveillance of clinical safety and performance (in particular, the accuracy of growth calculations and the availability of the service). Organisations self-hosting or otherwise deploying the software assume their own post-market responsibilities under DCB0160.
Data sources monitored¶
| Source | Type | What it tells us |
|---|---|---|
| GitHub Issues (public, across the RCPCH repositories) | Reactive + proactive | The primary, open channel for bug reports, feature requests and safety concerns. Issues feed directly into the development workflow. |
| RCPCH forum — forum.rcpch.tech | Reactive + proactive | Open discussion with users, implementers and clinicians about implementation and safety. |
| Direct communication with implementers | Reactive | Private email and messaging with subscribing implementers, used where a matter is not suitable for public discussion. |
| Security disclosures — growth.digital@rcpch.ac.uk | Reactive | Responsible disclosure channel for security issues (see the Clinical Risk Management Plan). |
| State-of-the-art and literature review | Proactive | Ongoing review of developments in growth-reference methodology and international standards, including activity concerning WHO growth references in the underlying rcpchgrowth library. |
| Service monitoring | Proactive | Availability and operational monitoring of the API on Azure / Azure API Management. |
Process and cadence¶
- Continuous intake. Reports arrive at any time through the channels above. Anyone may raise a public GitHub Issue.
- Triage. Incoming reports are triaged as part of the two-weekly sprint planning, at which clinical safety is a standing agenda item (see the Clinical Risk Management Plan). Any report suggesting a safety concern is escalated to the Clinical Safety Officer immediately rather than waiting for the next sprint.
- Assessment. The CSO assesses whether a report indicates a new or changed hazard, a possible inaccuracy, or a reportable incident.
- Action. Outcomes may include: a code fix under change control; an update to the Hazard Log, Clinical Evaluation or this plan; or — where applicable — vigilance reporting (below).
- Periodic review. PMS data is reviewed in aggregate at each management review, looking for trends not visible in individual reports.
Triggers for escalation¶
A post-market signal triggers formal risk-management review (and, where indicated, a corrective action) when it suggests any of:
- a possible inaccuracy or methodological error in a growth calculation;
- a new hazard not currently in the Hazard Log, or a change to the likelihood or severity of an existing one;
- a recurrent or systemic availability problem;
- a security vulnerability affecting safety or data protection.
Vigilance — reporting to the MHRA¶
A serious incident — any malfunction or inadequacy that has led, or could lead, to death or serious deterioration in health, or a serious public health threat — is reportable to the MHRA. The Person Responsible for Regulatory Compliance (PRRC) is responsible for assessing reportability and making any report within the required timelines. The incident-handling process is set out in the Clinical Risk Management Plan.
Surveillance summary to date¶
No reported inaccuracies to date
As at the date of the most recent commit to this document, there have been no reports of inaccuracy, nor of any mathematical or methodological error, in the growth-chart calculations produced by the RCPCH dGC Platform. The continuous static test harness has likewise reported no calculation regressions.
This summary stands as the Platform's current periodic safety position. A consolidated periodic safety review will be produced at least annually as part of, or alongside, the management review, summarising surveillance data, conclusions on safety and performance, and any resulting actions.
Roles and review¶
- PRRC / Clinical Safety Officer — Dr Marcus Baw: owns PMS, vigilance reporting and the periodic safety position.
- Senior Clinical Adviser — Dr Simon Chapman: clinical assessment of signals.
This plan is reviewed at each management review and whenever the surveillance approach changes. The Git commit history of this file is its version record.