Skip to main content
QMSQMS
QMS
  • Welcome to your QMS
  • Quality Manual
  • Procedures
    • GP-001 Control of documents
    • GP-002 Quality planning
      • Templates
    • GP-003 Audits
    • GP-004 Vigilance system
    • GP-005 Human Resources and Training
    • GP-006 Non-conformity, Corrective and Preventive actions
    • GP-007 Post-market surveillance
    • GP-008 Product requirements
    • GP-009 Sales
    • GP-010 Purchases and suppliers evaluation
    • GP-011 Provision of service
    • GP-012 Design, redesign and development
    • GP-013 Risk management
    • GP-014 Feedback and complaints
    • GP-015 Clinical evaluation
    • GP-016 Traceability and identification
    • GP-017 Technical assistance service
    • GP-018 Infrastructure and facilities
    • GP-019 Software validation plan
    • GP-020 QMS Data analysis
    • GP-021 Communications
    • GP-022 Document translation
    • GP-023 Change control management
    • GP-024 Predetermined Change Control Plan
    • GP-025 Usability and Human Factors Engineering
    • GP-027 Corporate Governance
    • GP-028 AI Development
    • GP-029 Software Delivery and Commissioning
    • GP-030 Cyber Security Management
    • GP-050 Data Protection
    • GP-051 Security violations
    • GP-052 Data Privacy Impact Assessment (DPIA)
    • GP-100 Business Continuity (BCP) and Disaster Recovery plans (DRP)
    • GP-101 Information security
    • GP-200 Remote Data Acquisition in Clinical Investigations
    • GP-026 Market-specific product requirements
    • GP-110 Esquema Nacional de Seguridad
  • Records
  • Legit.Health Plus Version 1.1.0.0
  • Legit.Health Plus Version 1.1.0.1
  • Legit.Health Utilities
  • Licenses and accreditations
  • Applicable Standards and Regulations
  • Pricing
  • Public tenders
  • Procedures
  • GP-002 Quality planning

GP-002 Quality planning

Procedure flowchart​

Purpose​

To define the methodology to manage all the activities related to the planning of our Quality Management System (QMS).

Scope​

All the aspects of the QMS that can have a significant impact directly or indirectly on the process of quality planning and the QMS.

Definitions​

  • SWOT: SWOT analysis is a framework for identifying and analyzing an organization's strengths, weaknesses, opportunities and threats.
  • CAME: CAME (Correct; Adapt to; Maintain; Explore) is the tool that will help us put into practice what was obtained in the SWOT analysis. We are going to correct weaknesses, face threats from the environment; we are going to maintain the strengths and finally we are going to explore the opportunities.
  • Threats: External risks that we do not have direct control over.

Responsibilities​

JD-001​

To provide the company with the necessary resources to implement and improve the QMS, approve the T-002-002 Quality objectives, the T-002-004 Annual management review report and the T-002-007 Process validation cards. To perform and approve the T-002-006 SWOT and CAME analysis.

JD-004​

To monitor the T-002-002 Quality objectives, the T-002-003 Quality indicators, the actions to address the risks, and to prepare the T-002-004 Annual management review report and the T-002-007 Process validation cards.

JD-003​

To help the JD-001 and JD-004 on the activities related to the process planning. To attend to the annual management review meeting and review the T-002-004 Annual management review report.

JD-005​

To help the JD-001 and JD-004 on the activities related to the process planning. To attend the annual management review meeting and review the T-002-004 Annual management review report.

Inputs​

  • Quality planning requirements
  • Quality Policy
  • QMS background and previous experience
  • Customer and legislation requirements

Outputs​

  • Successful implantation of the QMS and continuous improvement.
  • T-002-002 Quality objectives
  • T-002-003 Quality indicators
  • T-002-004 Annual management review report
  • T-002-005 Quality calendar
  • T-002-006 SWOT and CAME analysis
  • T-002-007 Process validation cards

Development​

Human resources quality planning​

We have planned an organizational structure of our personnel established in the Annex-3 Organization chart defined in our human resources tool, and the substitutes for each position are recorded in the Annex-4 Substitution table. When necessary, the implemented changes are recorded as defined in the Procedure GP-001 Documents and records control and GP-005 Human resources and training.

The experience, knowledge and responsibilities required for each position are defined in the T-005-001 Job description. When the corresponding job description is modified or created, it will be done in accordance with the Procedure GP-001 Documents and records control and GP-005 Human resources and training.

The activities related to the training actions and the methodology we have implanted to satisfy the needs to accomplish the personnel competence requirements are described in the procedure GP-005 Human resources and training.

Organizational philosophy​

The Quality policy (Annex-1 Quality policy) defines the company philosophy regarding quality. It is reviewed and approved yearly, and communicated to our personnel. The quality policy lays the foundation on which the quality objectives are established, and recorded at the T-002-002 Quality objectives.

The quality policy is accessible to all the members of the company in electronic format within this QMS and also through our website.

Quality planning​

Quality objectives​

Every year, during the annual management review, the top management establish the new quality objectives for the year. Each quality objective is related to an associated individual planning and contains the following information:

  • Objectives definitions
  • Resources
  • Deadlines and follow-up
  • Responsible
  • Quantification whenever possible
  • Indicators follow-up

The objectives are approved by the JD-001. For each proposed objective, the previously planned follow-up is carried out with the periodicity defined in the T-002-002 Quality objectives.

New project quality planning​

When a new project arises from the annual management review or during any other activity or requirement, it will be planned and registered as a new objective to ensure all the relevant aspects required during the planification are considered.

The specific tasks and activities that arise form the new planification, new objectives or open projects are managed with our different tools:

  • Design and development activities are registered at the Atlassian suite of applications (R-002-007 Process validation card 2023_003) according to the GP-012 Design, redesign and development procedure. It includes a roadmap of the foreseen activities and estimated times of achievement.
  • Trello (see R-002-007 Process validation card 2023_013) boards for the different department or areas.

In addition to the regular monitoring of objectives mentioned above, people involved in the different activities perform periodic meetings to share the advances and problems, and review and establish the roadmap and priorities.

Meeting nameFrequencyLeadAttendees
Medical data science daily3 days per weekJD-005People involved in the development of the device
Product development weeklyOnce a weekJD-003All technical employees, including those not directly involved in the device
Medical data science biweeklyOnce every two weeksJD-005The whole company, including the JD-001
Quality biweeklyOnce every two weeksJD-004The whole company, including the JD-001
HR weeklyOnce a weekJD-006JD-006, JD-001and any other head of department required
Sales daily meetingOnce a dayJD-002Sales department
Sales end-of-week meetingOnce a weekJD-002The whole company, including the JD-001

Processes structure​

The organization of the activities performed is a process-based approach and is complemented by risks. In the Process map (Annex-2 Process map) it is defined as the sequence of the different processes and their procedures.

Process risks management and indicators management​

The risks of each process and product are identified and recorded according to the GP-013 Risk management procedure with the aim of monitoring and measuring the performance of the activities of each process, and ensuring product safety. The technical strategy used to assess these risks is the calculation of the product of Severity x Probability to find the RPN -Risk priority number- (of risks), in accordance with the Procedure GP-013 Risk management. This assessment is recalculated after the implementation of mitigation actions planned to verify the correct management of the process and its feedback.

The evaluation of the performance of the processes is carried out through the T-002-003 Quality indicators. All these indicators are registered in the same document that contains different sections to document the progression throughout the years. This file is contained in the pertinent folder and named as a record, in accordance with the Procedure GP-001 Documents and records control.

The actions are determined and planned to address the risks considered as priorities according to the criteria and conclusions defined in the GP-013 Risk management.

The evolution of the status of the process will be reviewed at the annual management review and recorded in the corresponding T-002-004 Annual management review report.

The quality indicators are established by the top management covering all the company areas to ensure all the processes are under control. In the T-002-003 Quality indicators it will be assigned a standard planned value (values that define the acceptance limits for each process) for each indicator, and they are monitored quarterly (or as indicated in the record). With the data obtained in the different indicators it is evaluated whether the process is under control or not (the results obtained are within the planned results), and if any additional action must be implemented to achieve the planned value.

If the indicators show that a process is out of control, the situation is corrected to return the process to a controlled situation, and if necessary, the pertinent actions are taken as described in the Procedure GP-006 Non-conformity. Corrective and preventive actions.

On those processes that are under control, actions of continuous improvement can be suggested, with the intent of optimising the results. In this case, new objectives will be set to achieve these improvements. Annually, the person resposible for the process proposes to the JD-004 the actions to improve the process. The JD-004 collects all the proposals and exposes them at the annual management review meeting to establish the required actions (as new objectives, changes, preventive actions...) to achieve the improvements approved.

Responsibility, authority and communication​

Responsibility and authority​

Our top management ensures that the responsibilities and authorities are defined, documented, and communicated within the organization, through the Annex-3 Organization chart published in our human resources tool.

The top management documents the interrelation of all the personnel who manage, carry out and verify and, where appropriate, approve any process that affects the quality and guarantees the independence and authority necessary to carry out these tasks.

Management representative​

The top management designates a management representative who has the responsibility and authority to:

  • Ensure that the processes required for the QMS are documented.
  • Inform the top management about the effectiveness of the QMS and any need for improvement.
  • Ensure awareness of the applicable regulatory requirements and QMS requirements in the whole organization.

The position is filled by the person designated in the Quality Manual: JD-004 and JD-005.

Internal communication​

The top management ensures that the appropriate communication processes are established within the organization and that communication is carried out considering the effectiveness of the QMS. It is documented in the Quality manual Internal communication section.

External communication​

The Procedure GP-021 Communications defines the principles and limits in communications with customers, clinicians, scientists, technicians, investors, advertisements, social networks and web content.

Management review​

At least once a year, a meeting is held to monitor compliance with the QMS. As a result of this meeting, the T-002-004 Annual management review report is elaborated and it is signed by all the attendees: JD-001, JD-004 and other partners. Any necessary actions derived from the conclusions of this meeting will be treated in accordance with the Procedure GP-006 Non-conformity. Corrective and preventive actions.

The objective of this review is to ensure that the quality planning is efficient. The conclusions reached at this meeting will be the basis for the continuous improvement of our QMS.

During this meeting we also review the company context by using the SWOT analysis to identify the main strengths, weaknesses, opportunities and threats and address them as appropriate following the CAME analysis. Results of this review are recorded at T-002-006 SWOT and CAME analysis.

Review inputs​

The inputs of the management review must include, but are not limited to, information from:

  • Feedback and complaints
  • Treatment of claims
  • Notifications to regulatory authorities
  • Audits
  • Monitoring and measurement of the processes
  • Monitoring and measurement of the product
  • Corrective and preventive actions
  • Follow-up actions of previous management reviews
  • Changes that could affect the QMS
  • Recommendations for improvement
  • New or revised applicable regulatory requirements
  • Results of the evaluation of the impact on previously implemented risk management activities.

Review outputs​

The outputs of the management review should be recorded and should include the revised inputs and any decisions and actions related to:

  • Improvements necessary to maintain the suitability, adequacy and effectiveness of the QMS and its processes
  • Product improvement in relation to customer requirements
  • Changes necessary to respond to new or revised applicable regulatory requirements
  • Resources needs

All the relevant information from this meeting, including the results and conclusions are recorded in the T-002-004 Annual management review report.

In relation to the proposed changes and the ones finally adopted, the version's management of this report is done as it is defined in the Procedure GP-001 Documents and records control. The necessary actions implemented are developed accordingly following this procedure, or the GP-006 Non-conformity. Corrective and preventive actions when corresponding.

Mandatory attendees​

It is necessary that the following people assist each management review:

  • Executive committee:
    • JD-001
    • JD-003
    • JD-005
  • Management representative JD-004, that will act as the meeting coordinator.

The meeting will be convened by the assistants with the periodicity agreed in this procedure (typically in the first trimester of the year). They will use any means that allow leaving written evidence of the call, with written evidence of the correct reception by those called.

When the attendees confirm their assistance, the JD-004 will convene a meeting specifying the date selected by the attendees, by written means allowing the evidence. A change in a date already confirmed will be allowed at the request of one of the attendees, provided that it is due to major causes and is accepted by the rest of the attendees.

As an exception, it will be possible to hold a management review in the absence of one of the mandatory assistants only if there is a prior written agreement signed by all of them. It will be announced in written form by the management representative and keeping evidence of all the mandatory attendees.

Quality calendar​

We have implemented a quality calendar (R-002-005 Quality calendar) that compiles all the relevant events and actions to perform each month to ensure all the programmed activities are developed at the required frequency.

This calendar contains a Gantt chart with all the events and a Google Calendar, inserted also in our QMS. This type of calendar allows us to program alarms and reminders to the activities responsibles, and to see the quality calendar from our day-to-day personal Google Calendar.

Associated documents​

  • T-002-001 Quality objectives list
  • T-002-002 Quality objectives
  • T-002-003 Quality indicators
  • T-002-004 Management review report
  • T-002-005 Quality calendar
  • T-002-006 SWOT and CAME analysis
  • T-002-007 Process validation card
  • T-002-008 Quality and regulatory roadmap
  • T-002-009 Regulatory requirements review report
  • T-005-001 Job description
  • Annex-1 Quality policy
  • Annex-2 Process map
  • Annex-3 Organization chart
  • Annex-4 Substitution table
  • GP-001 Documents and records control
  • GP-005 Human resources
  • GP-006 Non-conformity. Corrective and preventive actions
  • GP-013 Risk management
  • GP-021 Communications

Signature meaning

The signatures for the approval process of this document can be found in the verified commits at the repository for the QMS. As a reference, the team members who are expected to participate in this document and their roles in the approval process, as defined in Annex I Responsibility Matrix of the GP-001, are:

  • Author: Team members involved
  • Reviewer: JD-003, JD-004
  • Approver: JD-001
Previous
SP-001-001 eIFU management
Next
Templates
  • Procedure flowchart
  • Purpose
  • Scope
  • Definitions
  • Responsibilities
    • JD-001
    • JD-004
    • JD-003
    • JD-005
  • Inputs
  • Outputs
  • Development
    • Human resources quality planning
    • Organizational philosophy
    • Quality planning
      • Quality objectives
      • New project quality planning
    • Processes structure
      • Process risks management and indicators management
    • Responsibility, authority and communication
      • Responsibility and authority
      • Management representative
      • Internal communication
      • External communication
    • Management review
      • Review inputs
      • Review outputs
      • Mandatory attendees
  • Quality calendar
  • Associated documents
All the information contained in this QMS is confidential. The recipient agrees not to transmit or reproduce the information, neither by himself nor by third parties, through whichever means, without obtaining the prior written permission of Legit.Health (AI Labs Group S.L.)