T-005-009 QMS procedures training

The purpose of this document is to formally acknowledge and certify that the individual named herein has thoroughly read and understood all Quality Management System (QMS) procedures relevant to their role within Legit.Health.

At Legit.Health, we prioritize efficiency and compliance by ensuring that each team member is well-versed in the protocols and processes outlined in our QMS. This familiarization process is integral to maintaining the highest standards of quality across all aspects of our operations.

Similar to our onboarding process, this familiarization is tailored to the specific position and responsibilities of each team member. Through meticulous documentation and accessible resources, individuals are equipped with the knowledge and understanding necessary to excel in their roles.

The list of QMS procedures in which the employee has been trained as part of the onboarding process is provided below:

• GP-001 Control of documents
• SP-001-001 eIFU management
• GP-002 Quality planning
• GP-003 Audits
• GP-004 Vigilance system
• SP-004-001 Product Withdrawal
• GP-005 Human resources and training
• SP-005-001 Anti-corruption and anti-bribery
• GP-006 Non-conformity, Corrective and preventive actions
• GP-007 Post-market surveillance
• GP-008 Product requirements
• GP-009 Sales
• SP-009-001 How to use CRM
• SP-009-002 How to use contracts
• SP-009-003 How to share performance metrics
• GP-010 Purchases and suppliers evaluation
• GP-011 Provision of service
• GP-012 Design, re-design and development
• SP-012-002 Cybersecurity and transparency requirements
• GP-013 Risk management
• GP-014 Feedback and complaints
• GP-015 Clinical evaluation
• GP-016 Traceability and identification
• GP-017 Technical Assistance Service
• GP-018 Infrastructure and facilities
• SP-018-001 Remote infrastructure control access policy
• GP-019 Software validation
• GP-020 QMS Data analysis
• GP-021 Communications
• GP-022 Document translation
• GP-023 Change control management
• GP-050 Data protection
• SP-050-001 Data protection officer manual
• SP-050-002 Manual of functions and obligations of the staff
• GP-051 Security violations
• GP-052 Data Privacy Impact Assessment (DPIA)
• GP-100 Business continuity and disaster recovery plans
• GP-101 Information security

These procedures are applicable to the specific job description of the employee. The training plan for each position is outlined in the R-005-003 Training plan.

At the end of the training the trainer assess the knowledge acquired and the signature of this record means the approval of the efficacy of the training.

Configuration

Trainee name:

Person that certifies:

Full name of trainee	Full name of certifier
Received and acknowledged	Certifies that the knowledge has been acquired

Signature meaning

The signatures for the approval process of this document can be found in the verified commits at the repository for the QMS. As a reference, the team members who are expected to participate in this document and their roles in the approval process, as defined in Annex I Responsibility Matrix of the GP-001, are:

• Author: Team members involved
• Reviewer: JD-003, JD-004
• Approver: JD-001