Skip to main content
QMSQMS
QMS
  • Welcome to your QMS
  • Quality Manual
  • Procedures
  • Records
    • GP-001 Documents and records control
    • GP-002 Quality planning
      • Deprecated
      • R-002-007
      • R-002-001 Quality objectives list_2024_001
      • R-002-001 Quality objectives list_2025
      • R-002-001 Quality objectives list_2026
      • R-002-002 Quality objectives_2024_001
      • R-002-002 Quality objectives_2024_002
      • R-002-002 Quality objectives_2024_003
      • R-002-002 Quality objectives_2024_004
      • R-002-002 Quality objectives_2024_005
      • R-002-002 Quality objectives_2025_001
      • R-002-002 Quality objectives_2025_002
      • R-002-002 Quality objectives_2025_003
      • R-002-002 Quality objectives_2025_004
      • R-002-002 Quality objectives_2025_005
      • R-002-002 Quality objectives_2026_001
      • R-002-002 Quality objectives_2026_002
      • R-002-002 Quality objectives_2026_003
      • R-002-002 Quality objectives_2026_004
      • R-002-002 Quality objectives_2026_005
      • R-002-003 Quality indicators_2024
      • R-002-003 Quality indicators_2025
      • R-002-003 Quality indicators_2026
      • R-002-004 Annual management review report 2025
      • R-002-004 Annual management review report 2026
      • R-002-005 Quality Calendar_2025
      • R-002-005 Quality Calendar_2026
    • GP-003 Audits
    • GP-004 Vigilance system
    • GP-005 HR and training
    • GP-007 Post-market surveillance
    • GP-009 Sales
    • GP-010 Suppliers
    • GP-012 Design, Redesign and Development
    • GP-018 Infrastructure and facilities
    • GP-019 Non-product software validation
    • GP-023 Change control management
    • GP-050 Data Protection
    • GP-051 Security violations
    • GP-052 Data Privacy Impact Assessment (DPIA)
    • GP-200 Remote Data Acquisition in Clinical Investigations
    • GP-011 Provision of service
    • GP-110 Esquema Nacional de Seguridad
  • Legit.Health Plus Version 1.1.0.0
  • Legit.Health Plus Version 1.1.0.1
  • Legit.Health Utilities
  • Licenses and accreditations
  • Applicable Standards and Regulations
  • Pricing
  • Public tenders
  • Records
  • GP-002 Quality planning
  • R-002-002 Quality objectives_2025_003

R-002-002 Quality objectives_2025_003

Objective details​

Objective number​

3

Description​

Enhance cybersecurity

Establishment date​

January 2025

This is a new quality objective identified for 2025 which aims to enhance the cybersecurity of our medical device as part of continuous product and compliance improvement.

Planning​

Responsible​

JD-005, JD-003, JD-004

Departments involved​

The main departments involved in the implementation of this quality objective are the product development and quality & regulatory departments.

Planned actions for 2025 period​

During 2024, we selected a provider (Dmed software) to support us with the implementation of this objective, especially in view of the FDA submission.

The actions foreseen for 2025 are:

  1. Perform the kick-off meeting with Dmed software to start the cybersecurity project
  2. Review the procedure for cybersecurity requirements
  3. Collaborate with Dmed software in creating and reviewing cybersecurity records, such as threat modelling, security risk assessment, security requirements
  4. Execute the penetration test
  5. Address any vulnerabilities found during the penetration test
  6. Implement a robust cybersecurity monitoring during the post-market phase.

Resources needed​

Personnel from the product development team to support Dmed software with the creation/revision of cybersecurity records; personnel from the regulatory & quality department to review the cybersecurity procedure and to overview the cybersecurity records.

Monitoring and follow up​

Period% CompletionFollow upShort-term actions
Q1 2025
Q2 2025
Q3 2025
Q4 2025

Signature meaning

The signatures for the approval process of this document can be found in the verified commits at the repository for the QMS. As a reference, the team members who are expected to participate in this document and their roles in the approval process, as defined in Annex I Responsibility Matrix of the GP-001, are:

  • Author: Team members involved
  • Reviewer: JD-003 Design & Development Manager, JD-004 Quality Manager & PRRC
  • Approver: JD-001 General Manager
Previous
R-002-002 Quality objectives_2025_002
Next
R-002-002 Quality objectives_2025_004
  • Objective details
    • Objective number
    • Description
    • Establishment date
  • Planning
    • Responsible
    • Departments involved
    • Planned actions for 2025 period
    • Resources needed
  • Monitoring and follow up
All the information contained in this QMS is confidential. The recipient agrees not to transmit or reproduce the information, neither by himself nor by third parties, through whichever means, without obtaining the prior written permission of Legit.Health (AI Labs Group S.L.)