Search the Elsmar Cove!
**Search ALL of Elsmar.com** with DuckDuckGo including content not in the forum - Search results with No ads.

Procedure on Privacy Policy in the ISO 13485 quality management system

yodon

Staff member
Super Moderator
#2
Do you mean in terms of the devices you manufacture or internally like personnel records?

If the former, I think you would if you handle protected info in any way. 4.2.5 (control of records) explicitly requires "The organization shall define and implement methods for protecting confidential health information contained in records in accordance with the applicable regulatory requirements." Setting the foundation with policy would be appropriate, IMO.
 

SGquality

Quite Involved in Discussions
#3
Not for personnel records but mainly on the lines of ensuring data privacy collected by the device. Hence how could we adopt the privacy principles at the design stage?
 

William55401

Involved In Discussions
#4
Include privacy as a Design Input, one of many, that must be accounted for in the overall design solution. The design outputs will ultimately be verified against the inputs. Besides the ISO cite above, you probably have a HIPAA requirement and others you are thinking about. I am not sure you need a procedure; just call it an input and the Design Controls should address it via the detailed design and design verification.
 
Top Bottom