Quality & Compliance


Medical Device Software

EU MDR & US FDA SaMD Regulation

Medical device compliance regulations can be difficult and frustrating to navigate, particularly when it comes to Medical Device Software (MDSW). Simply establishing your application’s classification can be challenging, let alone navigating the requirements and pathway to achieving certification.



At Santegic, we can help you in your journey to attaining compliance with both the EU’s Medical Device Regulation (MDR) and the US FDA’s Software as a Medical Device (SaMD) regulations. Our industry expert advisors can guide you through classifying your product and creating a certification pathway, as well as providing consulting support during implementation.

ISO 13485 Medical Device QMS

It is important for Medical Device Software companies to be able to demonstrate a commitment to quality. ISO 13485 is the most widely recognised industry standard QMS governing Medical Device Software. Santegic’s experts can help to guide you through the process of adopting and preparing for ISO 13485 certification for your software.

Our experienced advisors can provide expert advice to support your implementation and conduct mock audits to help you perfect your implementation prior to assessment for certification by a third-party auditor.

Information Security & Data Protection

ISO 27001 Information Security Management Systems (ISMS)

ISO 27001 is the most widely used and recognised information security management system (ISMS) globally. Certification to this standard demonstrates your organisation’s commitment to managing information security risk – an increasingly important concern for clients and customers. In doing so, ISO 27001 can provide a valuable complement to an existing ISO 9001 certification, demonstrating a commitment to both security and quality.

Beyond our knowledge of ISO 27001, Santegic’s advisors also bring their experience and deep knowledge of the health sector. This ensures that our ISO 27001 implementation support services address the specific concerns and needs of healthcare organisations with respect to the security of medical information.

General Data Protection Regulation (GDPR)

Compliance with the EU’s General Data Protection Regulation (GDPR) is a core requirement for any organisation operating within the EU, as well as organisations operating outside the EU that process the personal data of EU residents. GDPR places significant obligations on organisations that process personal data, such as obtaining consent for processing, implementing appropriate security measures, and notifying authorities of data breaches.

Navigating and interpreting the implications of the GDPR can be extremely difficult and requires not only a solid understanding of the regulation’s details, but also an insight into how it applies in a particular context such as the health sector.

Santegic’s expert advisors bring together deep sectoral experience with expert knowledge of the GDPR to provide effective data protection advisory and data impact assessment services.

Clinical Care Quality

Joint Commission International (JCI)

The Joint Commission International (JCI) is the most recognised standard for quality and patient safety globally. JCI accreditation demonstrates that a healthcare organisation is committed to meeting and maintaining the highest standards of patient care.

Santegic can support your organisation in its journey to achieve the relevant JCI accreditation by providing organisational and operational assessments as well as mock audits.
