Quality management system (QMS)

As a manufacturer of medical device software, Dignio has implemented a Quality Management System (QMS) in line with the required ISO standards to ensure that all requirements under the MDR are fulfilled. The overarching quality system has been designed in accordance with the requirements of ISO 13485, which is the standard applicable to the design and production of medical devices.

The QMS also includes comprehensive procedures relating to privacy, information security and data protection and these sections have been designed against the GDPR, ISO 27001 and customer specific requirements such as the NHS Data Security & Protection Toolkit.

The Dignio QMS, as well as Dignio’s compliance with the QMS have been reviewed and audited by an external auditor, and we are now proud to call ourselves an ISO 13485 and ISO 27001 certified company.

The QMS has been developed and implemented to ensure that Dignio provides medical devices and related services that consistently meet customer and applicable regulatory requirements, and is of the quality to be expected from a medical device software.

The QMS has procedures in place for resource management, product realisation, post-market surveillance and information security management. The system is designed with risk identification and management as a core element, which entails that all resources are properly allocated to where it is most needed at any given time to mitigate potential errors, malfunctions or other interruptions that might occur to our services.

Risk management procedures

The risk management procedures in Dignio's QMS have been prepared in accordance with the requirements of the following standards:

• ISO 13485 (2016-): Medical devices - Quality management systems - Requirements for regulatory purposes.
• ISO/IEC 27001 (2017-): Information technology. Security techniques. Information security management systems. Requirements.
• ISO 14971 (2012-): Medical Devices - Application of risk management to medical devices.
• IEC/TR 80002-1 (2009–): Medical device software – Part 1: Guidance on the application of ISO 14971 to medical device software.
• DCB0129 (2018-): Application of clinical safety risk management to the manufacture of health IT systems.
• IEC 62304 (2006–): Medical device software – Software lifecycle processes.
• BS EN 62366-1:2015- Application of usability engineering to medical devices.

Data protection regulation

Dignio is also observing local data protection regulations and best practice standards in the countries in which it operates, including the security standards of the National Health Service (NHS).

All the data we process on behalf of our customers based in the United Kingdom are stored on servers in London, UK. The servers are provided by Amazon Web Services Europe, which adhere to all essential security standards pertaining to cloud storage providers, including ISO 27001, ISO 27017 and ISO 27018.

If you have any questions, feel free to contact us at post@dignio.com.