22 Chapter 1 that CE-marking should be revoked. Consequently, the medical device should then be withdrawn from the market. Table 2: Overview of relevant International Standards when implementing the updated GDPR and MDR ISO 27001 Provides requirements for an information security management system (ISMS) ISO 27002 Is an information security standard that provides best practice recommendations on information security controls for use by those responsible for initiating, implementing or maintaining an ISMS. ISO 14971 Specifies terminology, principles and a process for risk management of medical devices, including software as a medical device. The standard helps manufacturers to estimate and evaluate the associated risks, to control these risks, and to monitor the effectiveness of the controls. ISO 13485 Provides the requirements for a comprehensive quality management system for the design and manufacture of medical devices. ISO 17021 Contains principles and requirements for the competence, consistency and impartiality of bodies providing audit and certification of all types of management systems.
RkJQdWJsaXNoZXIy MTk4NDMw