Looking at ISO13485, it almost seems like it is up to the organization how they control the medium of their records. 4.2.5 states "the organization shall document procedures to define the controls needed." So, we can have our forms go through the same process as 4.2.4, but it is not required? Am I interpreting this correctly?
