Quality & Regulatory Excellence: It's in Our DNA

At BDS, we understand that regulatory compliance is critical for our customers. It’s not just about meeting requirements; it’s about ensuring patient safety and maintaining the highest standards of quality. That’s why we’ve built a culture of compliance into everything we do. It’s in our DNA.

Patient safety drives our commitment to our Quality Management System (QMS). Quality has many aspects at BDS, and our QMS is just one of them. Our other focus areas include code quality, quality products, usability engineering, and continuous improvement.

Our Four Foundational Pillars:

Passion for Patient Safety

Every solution we develop prioritises patient safety as the ultimate goal

Experience in Regulatory Requirements

Extensive experience with regulatory filings, including 510(k) clearance for pooling management and derivative products

HCPC Biomedical Scientists

Our team includes qualified biomedical scientists who understand both the technical and practical requirements of laboratory operations

Partnership Approach

We build strategic partnerships with our customers, developing the right solutions for patient care together

Certifications & Standards

BDS is audited, certified and accredited against the following standards:

Core Certifications
Read more
  • ISO 13485:2016: Medical Devices – Quality Management Systems – Requirements For Regulatory Purposes
  • MDSAP: Medical Device Single Audit Programme, which includes regulatory requirements for USA, Brazil, Australia, Japan and Canada
  • ISO 27001:2022: Information Security, cybersecurity and privacy protection – Information Security Management Systems – Requirements
  • Cyber Essentials: UK government-backed cybersecurity certification scheme
Read less
Supporting Standards
Read more
  • BS EN 62304:2006 + A1:2015: Medical Device Software – Software Life Cycle Processes
  • ISO 14971:2019: Medical Devices – Application of Risk Management to Medical Devices
  • ISO 15223-1:2021: Medical Devices – Symbols to be used with information to be supplied by the manufacturer
  • BS EN 62366-1:2015: Medical Devices – Application of Usability Engineering to Medical Devices
Read less
Cybersecurity Standards
Read more
  • CLSI Auto11-A2: Information Technology Security of In Vitro Diagnostic Instruments and Software Systems
  • ANSI UL 2900-1: Software Cybersecurity for Network-connectable Products
Read less
Global Regulatory Experience
Read more

Our team has extensive experience with direct and supporting submissions across multiple regulatory jurisdictions:

  • United States: FDA 510(k) submissions and compliance with CFR Title 21 Part 820
  • European Union: EU IVDR 2017/746 compliance via our Authorised Representative in Malta
  • United Kingdom: MHRA compliance under UK Medical Devices Regulations 2002
  • Australia: TGA registration (performed via business partner submissions)
  • Canada: Health Canada registration (performed via business partner submissions)
  • Saudi Arabia: Saudi FDA registration (performed via business partner submissions)
  • China: NMPA registration (performed via business partner submissions)
  • Switzerland: Registration performed via Authorised Representative
  • Brazil: ANVISA registration (performed via business partner submissions)
Read less

Quality Management Approach

Continuous Improvement

The world of software is continuously evolving, and we must continuously improve—not just our QMS, but our products and services. We welcome customer feedback as we look for true partnership.

Compliance

Internal and external audits ensure our compliance to required regulatory standards. Our CAPA (Corrective and Preventive Action) and Non-Conformance Procedures ensure we stay on top of any issues we find and are continuously improving.

Risk Management

Our Risk Assessment procedures are built around ISO 14971. We conduct comprehensive risk assessments, led by our senior team with previous lab experience, of requirements to identify hazards and hazard mitigations that are incorporated into our products, including additional specifications and automated linking.

Post Market Surveillance (PMS)

Post Market Surveillance allows BDS to monitor the safety and performance of our products and to collect data on product performance, ensuring ongoing safety and effectiveness in real-world use.

Information Security & Cybersecurity

Information security at BDS starts from the ground up. We go above and beyond what is expected from our ISO 27001 obligations by investing in industry-leading, AI-enhanced EDR/XDR security platforms, cloud-based email security and next-generation firewalling.

Our Cybersecurity Approach
Read more
  • Risk-Based Security: Cybersecurity is introduced into the development lifecycle from the beginning, with analysis of product requirements to identify security constraints
  • Threat Modelling: Proposed architectures are threat-modeled to identify weaknesses, with iterative improvements until the architecture is secure
  • Secure Development: Code undergoes Static Application Security Testing (SAST) and Software Composition Analysis (SCA) during development
  • Penetration Testing: Deployable products are submitted for automated penetration testing to identify vulnerabilities
  • Multi-Layered Protection: We employ multi-layered patching and update strategies, regardless of system location
  • Proactive Monitoring: We proactively check our products and infrastructure against penetration testing platforms to ensure weaknesses are spotted and resolved quickly

We believe in taking pre-emptive measures to stay ahead of current threats and to keep information safe. Above all, these measures are built upon robust BDS processes and practises to ensure that information is accurate and protected at all stages of its lifecycle.

Read less
FDA Guidance Compliance
Read more

Our processes and procedures comply with key FDA guidance documents:

  • Off-The-Shelf Software Use in Medical Devices (August 2023)
  • Postmarket Management of Cybersecurity in Medical Devices (December 2016)
  • General Principles of Software Validation (January 2002)
Read less

Value Proposition

Our comprehensive quality and regulatory approach delivers:

  • Deep Industry Expertise: Insights gained through our wide range of partnerships ensure high congruence with operational targets
  • Custom-Tailored Deployment: Foundational software products enhanced and customized to meet stringent requirements
  • Extensive Middleware Experience: Over 5,000 middleware solutions placed globally, demonstrating our technology’s reliability
  • Pooling Proficiency: 510(k) clearance for pooling result management with proven success across various pooling environments
  • Scalable Technologies: Cloud and container-based products developed specifically for healthcare software applications
  • Regulatory Excellence: Comprehensive PMS strategies and advanced understanding of regulatory processes

We believe that compliance is not just a box to check; it’s an integral part of delivering high-quality solutions that our customers can trust. It’s in our DNA to support your compliance efforts, giving you the confidence to focus on what matters most: improving patient care.

Ready to learn more about our quality and regulatory capabilities?
Back To Top