Amphi Systems works under an integrated management system (IMS), covering both quality- and privacy information management (QMS and PIMS), in order to better satisfy our customer’s needs, to ensure product quality, and to improve the management of our company. The IMS is designed to fulfil the requirements of the international standards ISO 13485, ISO 27001 and ISO 27701, and to ensure compliance with the Medical Device Regulation (EU) 2017/745 (MDR), the General Data Protection Regulation (EU) 2016/679 (GDPR) and local jurisdictional requirements.
The Quality Management System (QMS) applies to the companies’ development, manufacture and distribution of software products for the healthcare sector. In addition to ISO 13485, the company also makes use of international standards for medical device risk management (ISO 14971), software life-cycle processes (IEC 62304) and usability (IEC62366). The company maintains technical files for all medical device software, comprising the Design History File, Device Master Record, Device History File, Clinical Evaluation and Post-market surveillance records.
Information Security and Privacy Information Management
The Privacy Information Security Management System (PIMS) applies to all activities carried out on or off premises, where company property is used (e.g. laptops, mobile devices) or company networks are accessed (e.g. via VPN). The PIMS is designed to cover all core business activities of the companies, including data processing, research and development activities and software products provided by the companies. The company has implemented a range of security controls, including policies, awareness programs and physical or electronic controls in order to ensure a high level of information security and privacy.