Skip to main content
QMSQMS
QMS
  • Welcome to your QMS
  • Quality Manual
  • Procedures
  • Records
  • Legit.Health Plus Version 1.1.0.0
    • Index
    • Overview and Device Description
    • Information provided by the Manufacturer
    • Design and Manufacturing Information
      • Product Requirement Specification (PRS)
      • Software Requirement Specification (SRS)
      • R-TF-012-019 SOUPs
      • R-TF-012-023 Software Development Plan
      • R-TF-012-030 Software Configuration Management Plan
      • Review meetings
      • R-TF-012-033 Software Tests Plan
      • R-TF-012-037 Labeling and IFU Requirements
      • deprecated
    • GSPR
    • Benefit-Risk Analysis and Risk Management
    • Product Verification and Validation
    • Post-Market Surveillance
  • Legit.Health Plus Version 1.1.0.1
  • Licenses and accreditations
  • Applicable Standards and Regulations
  • Grants
  • Pricing
  • Public tenders
  • Legit.Health Plus Version 1.1.0.0
  • Design and Manufacturing Information
  • Product Requirement Specification (PRS)

Product Requirement Specification (PRS)

View:
CodeNameDescriptionStakeholder
PRS-8QJGenerate an interpretative probability distribution of possible ICD categories by analysing images

The device shall analyse dermatological images and produce a ranked interpretative probability distribution across the relevant ICD classes , ensuring that the probabilities sum to 100%. For every class listed, the system must simultaneously generate explainability mechanisms to allow users to supervise its operation, including—but not limited to—pixel-level attention indicators such as heat maps or saliency masks that highlight the image regions most influential to each category.

User
PRS-2ZBQuantitative assessment of dermatological visual sign intensity

The device shall analyse dermatological images and quantify the intensity of visible clinical signs by outputting probability distributions across validated ordinal scales (0-9). For each applicable visual sign detected in an image, the system shall:

  • Compute a normalized probability vector across the ordinal intensity categories, where the sum equals 100%.
  • Derive a continuous severity score via weighted expected value calculation: ŷ = Σ(i × pᵢ), where i represents each ordinal category and pᵢ its corresponding probability.
  • Achieve Relative Mean Absolute Error (RMAE) ≤ 20% when validated against expert consensus, demonstrating performance superior to inter-observer variability.
  • Report all outputs with 95% confidence intervals.

The quantifiable visual signs include:

Inflammatory signs: erythema, desquamation, induration, pustules, crusting, xerosis, swelling, oozing, excoriation, lichenification.

These quantitative intensity measurements shall serve as objective input components for healthcare professionals to manually compute validated composite severity indices (e.g., PASI, SCORAD, EASI, IGA, IHS4), ensuring reproducibility and reducing inter-observer variability in clinical assessment workflows.

User
PRS-3TCQuantitative assessment of dermatological structural features and lesion morphometry

The device shall analyse dermatological images to quantify structural characteristics, spatial distribution, and discrete lesion counts through multiple AI-driven measurement modalities. The system shall provide:

Binary classification outputs for presence/absence detection of clinically significant features, achieving Area Under the ROC Curve (AUC) ≥ 0.80 with 95% confidence intervals:

  • Wound characteristics: perilesional erythema, wound edge morphology (damaged, delimited, diffuse, thickened, indistinguishable), perilesional maceration, exudate types (fibrinous, purulent, bloody, serous), biofilm-compatible tissue, affected tissue depth (intact skin, dermis-epidermis, subcutaneous, muscle, bone), wound bed tissue composition (necrotic, closed, granulation, epithelial, slough).

Segmentation-based quantitative outputs for two-dimensional surface area measurements:

  • Percentage coverage: relative area of detected features normalized to total lesion or anatomical region (e.g., erythema percentage, granulation tissue percentage, wound closure percentage, hair loss percentage, nail lesion percentage, pigmentary alteration percentage).
  • Absolute measurements (when calibration available): surface area in cm², perimeter in cm, maximum length and width dimensions.
  • Segmentation masks: pixel-level delineation with class labels (e.g., background, lesion, healthy tissue) enabling spatial analysis and longitudinal tracking.

Applicable segmentation targets include: wound bed area, erythema extent, granulation tissue, biofilm/slough, necrosis, maceration, orthopedic material exposure, bone/cartilage/tendon exposure, hair loss, nail lesions, hypopigmentation/depigmentation, hyperpigmentation.

Object detection and counting outputs for discrete lesion enumeration:

  • Absolute counts: number of detected lesions or structures (e.g., inflammatory nodules, abscesses, draining/non-draining tunnels, papules, pustules, cysts, comedones, nodules, hives, hair follicles).
  • Bounding box annotations: spatial coordinates for each detected object with class labels and confidence scores.
  • Density metrics: lesions per unit area when combined with surface area quantification.

Multi-class classification outputs for lesion staging and phenotyping:

  • Wound stage classification (Stage 0, I, II, III, IV) according to standardized protocols.
  • Hurley staging (I, II, III) for hidradenitis suppurativa severity.
  • Inflammatory activity status (active vs. quiescent disease).
  • Acne severity grading (IGA scale 0-4: Clear, Almost Clear, Mild, Moderate, Severe).
  • Phenotype identification (e.g., follicular, inflammatory, mixed patterns).

All outputs shall:

  • Be generated with accompanying confidence scores or probability distributions.
  • Undergo validation on independent, diverse test datasets representing varied skin types, anatomical sites, imaging conditions, and disease severities.
  • Serve as objective, quantitative input components for healthcare professionals to interpret, combine with patient-reported data, and compute composite clinical scores or make treatment decisions.
  • Include explainability mechanisms (when applicable) such as attention maps or saliency overlays to support clinical supervision and trust.

The device shall not autonomously compute composite severity indices but shall provide the constituent measurements necessary for clinicians to apply validated scoring systems according to their clinical judgment and established protocols.

User
PRS-7XKAssess image adequacy on ingestion

Upon ingestion, the device shall automatically evaluate every incoming image against a predefined and version-controlled set of adequacy criteria.

User
PRS-1V6Expose the device’s functionality through a versioned, network-accessible API

The device shall expose its medical features through a secure, version-controlled API that can be accessed over a network. Each published API version will carry a clear semantic identifier (e.g., v1.0, v2.1) and will remain stable for its designated support window, allowing customers to upgrade on their own schedules without service interruption. The API must maintain deterministic response formats and latency suitable for point-of-care use, with graceful error handling and informative status messages to facilitate rapid troubleshooting.

Every data element accepted by the device must undergo a centralized, independent validation pipeline to detect missing, out-of-range, or malformed values before further processing. Whenever a validation failure occurs, the system shall surface an actionable error report that at least combines a human-readable message, a unique traceable code, and a concise remediation hint (e.g.,“Invalid JSON syntax—remove trailing comma and ensure keys are double-quoted,” or “Field ‘bodySite’ missing—add string value from defined enumeration.”) to enable quick correction by clinicians or integrators. Error messages presented to end users shall use non-technical language, and avoid Protected Health Information (PHI) exposure.

User
PRS-4QWComprehensive monitoring & observability of runtime operations

The device shall embed a unified monitoring and observability layer that continuously captures key runtime signals—performance metrics, structured logs, error rates, hardware resource utilisation, data-flow timings, algorithm confidence scores, and user-initiated events—across all device’s services. Real-time thresholds shall trigger configurable alerts whenever behaviour deviates from validated baselines, enabling rapid triage of anomalies such as model drift, image-processing bottlenecks, or network outages.

User
PRS-9F2Cybersecurity & continuous threat detection

The device shall maintain a defence-in-depth security posture that safeguards patient data, intellectual property, and clinical functionality throughout the device lifecycle by enforcing secure boot, cryptographically signed updates, authentication and role-based access controls, and end-to-end encryption for data in transit and at rest. A built-in continuous-threat-detection service shall ingest vulnerability feeds, and run host- and network-level anomaly detection to flag malware, privilege-escalation attempts, or unauthorized API calls within seconds.

Patient
PRS-5LJSupport health data interoperability using the HL7 FHIR standard

The device shall exchange healthcare information with other clinical systems through the HL7 Fast Healthcare Interoperability Resources (FHIR) standard. It mandates that key data be packaged as structured FHIR Resources that electronic health-record (EHR) platforms, hospital information systems, and research registries can consume without custom adapters. The device must expose a standards-conformant interface that lets authorised systems retrieve, store, and query those resources, using the current normative FHIR release at the time of market launch and clear version tagging to preserve backward compatibility.

Patient
PRS-0MCComprehensive secure audit trails for user interactions

The device shall automatically create and keep an auditable record of all actions, whether initiated by a user or the system, performed via any interface. Each entry must capture the actor’s verified identity and role, event type, precise timestamp traceable to a trusted time source, system response (if applicable), and relevant contextual data, while never exposing patient information in clear text. Audit files are to be write-once, tamper-evident, and cryptographically sealed so that any attempt at alteration or deletion is immediately detectable and traceable.

User
PRS-3YHCompliance with MDR

The device shall be developed in compliance with the MDR.

Regulatory
PRS-6DPCompliance with FDA

The device shall be developed in compliance with the FDA.

Regulatory
PRS-8R4Compliance with ANVISA

The device shall be developed in compliance with ANVISA.

Regulatory
PRS-5MHCompliance with MHRA

The device shall be developed in compliance with MHRA.

Regulatory
PRS-2KQCompliance with GDPR

The device shall provide optimal security for the personal data it manages in compliance with the General Data Protection Regulation (GDPR).

Regulatory and Patient
PRS-7Z8Compliance with HIPAA

The device shall provide optimal security for the Protected Health Information (PHI) it manages, in compliance with the Health Insurance Portability and Accountability Act (HIPAA).

Regulatory and Patient
PRS-1XUCompliance with Applicable Standards

The device shall be developed in accordance with the international standards to which it is deemed compliant–see:

  • ISO 13485:2016 (Medical devices - Quality management system)
  • IEC 62304:2006 + A1:2015 (Medical device software - Software life cycle processes [Including Amendment 1 (2015)])
  • ISO 14971:2019 (Medical devices - Risk management applications for medical devices)
  • IEC 62366:2015 (Medical devices - Application of usability engineering to medical devices [Including CORRIGENDUM 1 (2016)])
  • IEC 62443-4-2:2019 (Security for industrial automation and control systems - Part 4-2: Technical security requirements for IACS components)
  • IEC 82304-1:2017 Health Software - Part 1. General requirements for product safety
Regulatory
PRS-4E7Compliance with EU Artificial Intelligence Act

This product requirement ensures compliance with the EU Artificial Intelligence Act for high-risk AI systems embedded in medical devices. It defines obligations around transparency, traceability, and human oversight throughout the AI lifecycle.

Regulatory
PRS-9J5Compliance with all applicable national laws and regulations in each of the intended target markets

The device may be placed in Austria, Belgium, Bulgaria, Croatia, Cyprus, Czechia, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden in compliance with national regulations.

Company
Previous
Design and Manufacturing Information
Next
Software Requirement Specification (SRS)
All the information contained in this QMS is confidential. The recipient agrees not to transmit or reproduce the information, neither by himself nor by third parties, through whichever means, without obtaining the prior written permission of Legit.Health (AI LABS GROUP S.L.)