What are General Safety and Performance Requirements (GSPR)?

The mandatory requirements in Annex I of the EU MDR that medical devices must meet to be placed on the EU/EEA market, covering safety, performance, risk management, clinical evidence, and information supplied with the device.

Do all GSPR clauses apply to every device?

No. Manufacturers must meet all applicable clauses and justify any non-applicability in a documented GSPR matrix that maps clauses to objective evidence.

How is GSPR compliance demonstrated?

Through technical documentation that includes a GSPR matrix, risk management file, verification and validation reports, clinical evaluation (and PMCF where appropriate), and compliant labeling/IFU.

« Back to Glossary Index

General Safety and Performance Requirements (GSPR) — EU MDR

The General Safety and Performance Requirements (GSPR) are the mandatory, clause-by-clause requirements in
Annex I of Regulation (EU) 2017/745 (MDR) that every medical device must meet to be placed on the EU/EEA market.
They define how devices must be safe, perform as intended, and be supported by appropriate
risk management, clinical evidence, and post-market surveillance.
(For IVDs, equivalent requirements are set out in Annex I of the IVDR.)

Annex I MDR
Mandatory
Risk & Clinical Evidence

What GSPR means in practice

Applicability: Not every clause applies to every device. All applicable requirements must be met; non-applicable ones must be explicitly justified.
Evidence: Compliance is demonstrated via a GSPR matrix (mapping each clause to objective evidence) and maintained within the technical documentation.
Standards: Using harmonized/recognized standards is voluntary but provides a presumption of conformity when correctly applied.
Lifecycle: GSPR compliance spans design, manufacture, labeling/IFU, clinical evaluation, and PMS/PMCF—throughout the device lifecycle.

MDR Annex I — structure at a glance

Chapter I — General requirements: state of the art, risk/benefit, risk management, usability, protection against risks.
Chapter II — Requirements regarding design & manufacture: chemical/biological/physical properties, infection control, construction & materials, devices with measuring function, protection against radiation, active devices & energy sources, device connections, software & cybersecurity, and specific device types.
Chapter III — Information supplied with the device: labeling and IFU requirements (symbols, warnings, content, legibility, language, and placement).

Building a defensible GSPR file — stepwise

1) Define intended purpose & device specification

Write precise intended purpose, indications, users, environments, and performance claims. These drive applicability and evidence selection across Annex I.

2) Risk management (ISO 14971 aligned)

Plan, identify hazards, estimate & evaluate risks, implement controls, and verify residual risk acceptability. Link each control to the relevant GSPR clause(s).

3) Map GSPR clauses → evidence

Create a GSPR matrix listing every applicable clause and the objective evidence (reports, certificates, test data, procedures) that demonstrates conformity; justify any N/A items.

4) Verification & validation (bench and, if relevant, clinical)

Compile performance testing (e.g., mechanical, electrical safety/EMC), biocompatibility, sterilization & shelf life, usability/human factors, software lifecycle (where applicable), and any necessary clinical data.

5) Labeling & IFU conformity

Ensure information supplied with the device meets Annex I Chapter III (content, symbols, warnings, readability, languages) and is consistent with risk controls and intended purpose.

6) PMS & PMCF alignment

Plan post-market surveillance and, where appropriate, PMCF to confirm ongoing safety/performance and to update the risk-benefit and clinical evaluation over time.

Common evidence used to meet GSPR

Risk management file (ISO 14971 aligned).
Biocompatibility (ISO 10993 series as applicable).
Electrical safety & EMC (e.g., IEC 60601-1, 60601-1-2) for active devices.
Software lifecycle & cybersecurity (e.g., IEC 62304, secure development docs, vulnerability management) for software/programmable devices.
Usability engineering (IEC 62366-1).
Sterilization, packaging, and shelf life (e.g., ISO 11135/11137/17665; ISO 11607).
Clinical evaluation per MDR Article 61/Annex XIV and, where applicable, PMCF.
Labeling & IFU meeting Annex I Chapter III requirements; consistent with risk controls and claims.

Quick checklist

Every applicable GSPR clause is addressed with objective evidence.
Each not applicable clause is justified clearly.
Evidence reflects current state of the art and recognized standards where used.
Labeling/IFU content matches intended purpose, risk controls, and performance claims.
PMS/PMCF plans are in place to verify continued conformity after market entry.