MedQAIR Achieves ISO/IEC 27001:2022 Certification: Strengthening Regulatory Data Security

MedQAIR announced today that it has achieved certification to ISO/IEC 27001:2022, with its Information Security Management System assessed using the updated Annex A controls. This certification confirms that MedQAIR applies a robust, systematically governed information security framework across its advisory services and software platforms, including the Medical Device Information System (MDIS).

ISO/IEC 27001:2022 is the leading international standard for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). The audit covered MedQAIR's information security controls related to the design, development, deployment, and support of regulatory and quality management software. These controls apply to sensitive regulatory documentation, UDI data, labelling files, and post-market reporting workflows handled within MedQAIR's environment.

Achieving certification further strengthens MedQAIR's position as a trusted partner for regulatory, quality, and information security compliance support for medical devices, IVDs, and AI-enabled health technologies across the EU (EU MDR, IVDR), the US (FDA), and international jurisdictions. MDIS, the company's secure cloud platform for UDI tracking, technical documentation workflows, and EUDAMED-related submissions, now operates within an ISMS that has been independently verified against the most current control set. This ensures the consistent protection of sensitive information throughout the medical device lifecycle and across all participating economic operators.

"Security and trust are central to our work in regulatory technology," said Leon Doorn, CEO and Co-Founder of MedQAIR. "Medical device manufacturers and their partners rely on us to safeguard documentation and data that are essential for market access and post-market safety. ISO/IEC 27001 certification confirms that our systems and operations meet the level of assurance expected by regulators, auditors, and industry leaders."

"Our clients handle documentation and data that carry regulatory, clinical, and operational consequences," said Ivo Flipse, CTO and Co-Founder of MedQAIR. "Achieving ISO 27001 demonstrates that the systems we build, especially MDIS, apply consistent, independently validated controls throughout the entire product lifecycle."

For clients and partners, the certification assures that MedQAIR applies a systematic approach to risk management, data protection, and operational governance. It supports secure collaboration between Legal Manufacturers, Authorised Representatives, Importers, and Distributors, and reduces the risks associated with fragmented documentation workflows, manual reviews, and regulatory reporting obligations.

MedQAIR Services B.V.,
Matrix ONE, Science Park, Amsterdam,
Noord-Holland 1098 XH, NL
CoC: 94675473
📧 info@medqair.com
🌐 www.medqair.com

MedQAIR is a regulatory consulting firm specialising in Authorised Representative services, PRRC support, and Quality, Regulatory and Information Security consulting for medical devices and AI-enabled health technologies. The company also develops MDIS, a secure, ISO 27001-certified platform that enables Economic Operators to manage UDI data, share technical documentation, and automate EUDAMED registrations and vigilance workflows.

Learn more about MedQAIR's services : https://medqair.com/services/

This release was published on openPR.