Quality Management

At Hedia we strive to improve the lives of people with diabetes on a daily basis. Quality Management is therefore a highly valued discipline within Hedia in order to guarantee the safety and security of our users’ data at all times. Below you can find a list of our certifications and protocols.

Certification CE - Quality Management

CE marking

CE stands for Conformité Européenne – in English: European Conformity. Being CE-marked means that Hedia Diabetes Assistant (HDA) conforms with the standards of the European Economic Area.

HDA has been granted this CE status as a class IIb medical device, which allows us to place the CE marking on our product. CE marking is a sign of the highest quality: it ensures that we are always in line with the excellence that the European Union’s legislation requires.

Receiving the CE mark is proof of HDA’s harmony with EU legislation on medical devices. The EU’s Medical Device Directive 93/42/EEC includes essential requirements of safety, performance and quality.

Accordingly, Hedia Diabetes Assistant can be marketed and sold legally throughout the EU and EEA to its 500 million consumers.

ISO 13485:2016

The International Organization for Standardization (ISO) is an independent body that certifies international standardisation, having been given consultative status with the United Nations Economic and Social Council.

The ISO certification process for Hedia APS was carried out by TÜV SÜD, a business that has been undertaking inspections since 1906. TÜV SÜD is an international inspection and product certification service with locations based in about 50 countries.

Receiving certification to ISO 13485:2016 demonstrates Hedia’s ability to provide a medical device and related services that consistently meet customer and applicable regulatory requirements. The certification confirms that Hedia is able to meet the international requirements of ISO.

cybersecurity and quality management

Principles for medical device security 

When it comes to data management and cybersecurity, we utilise TIR 57:2016 at Hedia.

The threat to medical device systems from hackers and other bad actors is becoming ever more acute. There are a number of standards dealing with medical device security, but each tackles the issue from specific angles only. At Hedia, we utilise the AAMI Technical Report TIR 57, which offers a combined security and safety risk management procedure specifically for medical devices.

Safety management, in particular documenting product safety, is a key issue in medical device development. TIR 57 offers a recognised process framework for managing security risks in the specific context of medical devices (AAMI TIR 57, FDA Recognition Number 13-83, published June 27, 2016).

user testing for hedia

User testing

When designing and developing new larger features and functionalities, Hedia conducts user testing in accordance with the IEC 62366-1 – usability standard.

Content review process of Hedia

Reviewal of content 

The content of Hedia Diabetes Assistant is continuously reviewed by Hedia’s medical team to ensure that all functionalities comply with current standards and diabetes care. Specific clinical content (e.g. bolus calculator) is tested at least once a year to ensure product safety.

app design standards

App design standards

In the design of Hedia Diabetes Assistant– a class IIb medical device – our main focus is on the safety of our users. We take a risk-based approach to new features and functionalities by following the ISO 14971 Risk Management, IEC 62304 Software Development, and IEC 82304 Product Safety Requirements standards. Our app design is based on the core principles of Apple Human Interface Guidelines and Google Material Design Guidelines.

GDPR, quality management

General Data Protection Regulation (GDPR)

We here at Hedia are all committed to the safety and security of your data. We are committed to the principles inherent in the GDPR and particularly to the concepts of privacy by design, the right to be forgotten, user consent, and a risk-based approach. In addition, we aim to ensure:

  • transparency with regard to the use of data

  • that any processing is lawful, fair, transparent and necessary for a specific purpose

  • that data is accurate, kept up to date and removed when no longer necessary

  • that data is kept safely and securely