Campaign
The company-side evidence environment around your regulated documents.
For VPs of Quality, Compliance Officers, and General Counsel: how Inoculis builds the IT and security posture that supports your QMS, your audits, and your hospital deployments. We coordinate with you; we do not replace you.
Where we work, and where you stay in charge.
What Inoculis prepares
- QMS selection support and company-side IT-control requirements around validation
- The IT controls that support 21 CFR Part 11, including electronic records, electronic signatures, access logs, and change control
- Company-side answers in the MDS2, including security policies, training, network, and IAM
- HITRUST, ISO 27001, SOC 2, and NIST 800-53 readiness for the company
- Vendor security response library
- BAA inventory and subcontractor agreement coordination where PHI/ePHI is involved and counsel confirms the company’s HIPAA role
What stays in Quality, Regulatory, and Legal
- DHF, DMR, RMF authorship and version control
- Software lifecycle execution under IEC 62304
- Device-firmware answers in the MDS2, including cryptography, device authentication, and embedded software
- FDA premarket cybersecurity submissions and Section 524B evidence authorship
- Audit certification, which stays with auditors and certification bodies
- Legal authorship of contracts and legal review of breach notification obligations
Frameworks we work against (we prepare, we do not certify).
HITRUST, HIPAA, ISO 27001, SOC 2, NIST 800-53. Plus the IT and security interface with QMSR / ISO 13485 (the harmonized FDA quality regulation, effective February 2026, replacing 21 CFR Part 820 in current-state language).
Cases that speak loudest