The General Data Protection Regulation (GDPR) is the primary legal framework in the European Union for the protection of natural persons with regard to the processing of their personal data and the free movement of such data. Compliance with this regulation ensures the highest level of respect for users’ privacy through the application of principles such as transparency, purpose limitation, data minimization, and proactive security. This regulation ensures that any personal data is processed with the highest guarantees of confidentiality and control by the data subjects.
The National Security Framework (ENS), in its Medium category, applicable to the entire Public Sector as well as to suppliers collaborating with public administrations, provides a common framework of basic principles, requirements, and security measures to ensure adequate protection of processed information and delivered services. Its objective is to guarantee access, confidentiality, integrity, traceability, authenticity, availability, and preservation of data, information, and services handled by electronic means in the exercise of their competencies. Since its initial development in 2010, it has evolved continuously, with notable amendments in 2015 and its most recent update in 2022 (Royal Decree 311/2022).
ISO 13485 establishes the requirements for a quality management system specific to the medical devices industry and related services. This international certification demonstrates an organization’s ability to consistently provide medical devices that meet customer requirements and applicable regulatory requirements. Its approach covers the entire product lifecycle—from design and development to production and distribution—prioritizing risk management and safety in highly regulated medical environments.
HL7 FHIR is a next-generation international standard for the electronic exchange of clinical and administrative information in the healthcare sector. Based on modern web technologies and a modular resource-oriented approach, this standard enables different healthcare information systems to communicate with each other in an agile, secure, and efficient manner. Its adoption ensures true and seamless interoperability, facilitating access for healthcare professionals and organizations to the clinical data they need at the right time in order to improve patient care.
The CE marking for Class I medical devices is the manufacturer’s declaration that the product complies with all essential safety, performance, and effectiveness requirements established by the European Medical Device Regulation (MDR). Class I devices present the lowest level of risk to patients and users. This marking is mandatory in order to legally market the product within the European Economic Area, ensuring that it has been designed and manufactured under strict quality controls and risk assessment procedures.