Quality Management System for Medical Devices - ISO 13485 & Information Security Management - ISO/IEC 27001

The standard ISO 13485 specifies the requirements of a Quality Management System in organizations that need to demonstrate to their consumers their ability to comply with regulations relating to medical devices and related services. The standard specifies the requirements of medical devices that help to be free from contaminants, sterilized, and maintain cleanliness in their entire life cycle to ensure the consistent design, development, production, installation, and delivery of safe medical devices and applicable to all the organizations that supply medical devices.

On the other hand, the standard ISO/IEC 27001 specifies the requirements for establishing, implementing, maintaining, and continuously improving an Information Management System in an organizational context. Achieving accredited certification to ISO/IEC 27001 demonstrates that your company is following information security best practice and provides an independent, expert verification that information security is managed in line with international best practice and business objectives.

ISO/IEC 27001 and information security management systems (ISMS) are becoming an increasingly frequent topic during ISO 13485 audits. The Digital Health Applications Ordinance (DiGAV) has brought ISO/IEC 27001 into the focus of many medical device manufacturers.

The Digital Health Applications Ordinance (DiGAV) came into force on 21 April 2020 by the German Federal Ministry of Health (Bundesministerium für Gesundheit). The DiGAV establishes the requirements for the reimbursement of digital health applications (DiGA) by health insurance companies. The DiGAV describes how manufacturers can demonstrate that their devices meet the legal requirements.

Through certification by an independent third-party body, the company provides credibility of its commitments to its customers and stakeholders.

MTIC Group, owing to the partnership among InterCert GmbH - Group of MTIC -, MTIC InterCert S.r.l., SPS InterCert S.A. and MTIC ACADEMY Sagl who are active Certification Bodies with their own accreditations and notifications at national and international level, is one of the few Global Players in the Management Systems, Product Testing, Certification, Inspection and Training.

InterCert GmbH – Group of MTIC -, Germany HQ of MTIC Group, is an accredited Certification Body and one of the most specialized and dynamic Certification Bodies to provide a wide range of technical services thanks to a dense network and experience.


Now, we provide ISO 13485 and ISO/IEC 27001 integrated certification for Medical Device manufacturers and suppliers for a limited time.

Please feel free to contact our Germany HQ InterCert GmbH – Group of MTIC – for further information on process and certifications.