Category Archives: Regulatory

07Sep/17
cyber security copy

FDA confirms: Hacking a pacemaker only requires commercially available equipment

By: Giselle C. Matlis, Research Assistant

On August 29, 2017 the FDA published a Safety Communication, Firmware Update to Address Cybersecurity Vulnerabilities Identified in Abbott’s (formerly St. Jude Medical’s) Implantable Cardiac Pacemakers , where they announced that they have reviewed information concerning potential cybersecurity vulnerabilities associated with implantable cardiac pacemakers.cyber security copy

In its Safety Communication, FDA confirmed that if exploited, these vulnerabilities could allow an unauthorized user with commercially available equipment to access a patient’s device and could be used to modify programming commands to the implanted pacemaker.  This could result in patient harm from rapid battery depletion or administration of inappropriate pacing. At this point, there have been no known patient harm, however, the FDA has approved a firmware update that addresses these cybersecurity vulnerabilities and reduces the risk of exploitation and subsequent patient harm.

In fact, former Vice President Dick Cheney discussed his fears that terrorists could hack into his pacemaker, a fear he saw come to life while watching an episode of “Homeland.”Indeed, when doctors implanted Cheney’s pacemaker in 2007, they disabled the wireless feature out of fear that someone could manipulate it and disrupt his heartbeat.

The FDA has been warning about cybersecurity on medical devices for over a decade.  As Eric Luyer stated in his March 2017 article “the time to implement a proactive, comprehensive risk management program to eliminate cybersecurity threats is now”.

Cybersecurity of connected medical devices must be a key step in the design process.  Medical Device manufacturers must be proactive instead of reactive to cybersecurity concerns when developing new products.

30Aug/17
Data_Integrity_Text

WHY Is Data Integrity the Foundation of Good Science?

By: Sandra Rodriguez, Market Analyst and Ellyn McMullin, Research Associate, Axendia Inc.

Data_Integrity_TextOne of the basic tenets of investigative reporting is getting to the facts by asking ALL the relevant questions:  Who, what, where, when and why?  The issues, concerns and proposed solutions surrounding Data Integrity deserve no less a rigorous analysis.

While several articles have been published on data integrity addressing the: who, what, where and when, the most important question is left unanswered.  WHY Is Data Integrity the Foundation of Good Science?

Answering who, what, where and when is a mechanical process.

  • Create a procedure requiring people to sign-wet or electronic: Who
  • Record the data element: What
  • Establish the source of the data element: Where
  • Record the time: When

The “Why” is the rationale for the procedure: “Data Integrity IS The Foundation of Good Science.”

Continue reading

16Jun/17
FDANews150x150

10 FDA Answers on ‘Driving a Culture of Quality for Devicemakers’

By: Daniel R. Matlis, President

The Case for Quality: Why Does It Matter?

Last month, I had the privilege to moderate a discussion with Capt. Sean Boyd, deputy director for regulatory affairs in CDRH’s Office of Compliance, and Francisco (Cisco) Vicenty, acting program manager of Case for Quality in CDRH’s Office of Compliance.

During the webinar hosted by FDAnews, we discussed topics including:

  • The Case for Quality – Why does it matter?
  • Are we playing regulatory whack-a-mole?
  • How is the role of FDA evolving to encourage a culture of quality for device makers?
  • Have “Compliance First” regulatory approaches slowed innovation?
  • Who benefits from a focus on quality?
  • Are there appropriate substitutes for routine FDA inspections or pre-approval inspections?
  • What are the quality outcomes metrics FDA will collect and monitor?
  • How will FDA operate as we shift from documents to data/metrics as a result of using quality tools?

In addition, Capt. Boyd and Mr. Vicenty addressed the following audience questions:

Q1: How is the CfQ program different than Quality by Design?

A1: Quality by Design (QbD) is the systematic approach used in the pharmaceutical space for development that focuses on risk management and predefined objectives for product and process control. QbD is more analogous to Design Controls in Quality System Regulation. Case for Quality is an effort to work together with a community of stakeholders to incentivize performance and product quality. This collaboration will allow for faster and better data to drive purchasing decisions and FDA activity.

Fore more Q&A, read the article in its entirety in FDANews Device Daily Bulletin.

13Mar/17
CyberSecurity

CYBERSECURITY RISKS IN MEDICAL DEVICES ARE REAL

By: Eric M. Luyer, Market Research Analyst 

The Healthcare Industry Has a New Set of Threats on Its Hands

PPP_IGLOB_CLP_Global_Computer_Network_Red_Color_Pencil_HEXConnected medical devices-like other computer systems-can be vulnerable to security breaches and have a potential major impact on safety and effectiveness of the device.  Specifically, in a healthcare environment, this vulnerability increases asmedical devices and medical equipment are becoming more connected through the internet to other medical devices, patients and/or to hospital networks (also referred to as the Internet of Medical Things).

To address the cybersecurity threat, in December 2016 FDA issued Guidance on Postmarket Management of Cybersecurity in Medical Devices.

Continue reading

08Mar/17
Supply-Chain-Squares (3)

QUALITY MANAGEMENT ACROSS YOUR GLOBAL SUPPLY CHAIN

How Can the Cloud Help with Data Integrity and Quality Issues Across your Global Supply Chain?

REGISTER TODAY
Date: MARCH 22, 2017
Time: 1:30 PM EST

All your data used to be close by — under your control — and easily monitored. Now, as you outsource more and more, your direct control on quality is weakened. By using a cloud based solution you can take back control. You can monitor your quality metrics in real time wherever they’re being generated and head off issues way before an FDA investigator even sets foot in your facility.

In this session, you will learn how to:

  • Drive enhanced product quality at reduced costs and risks while assuring compliance with all applicable regulatory requirements
  • Leverage modern quality systems to improve visibility, control and collaboration across your supply chain
  • Shift from just documents to also including data to support quality metrics across global and externalized supply chain networks
  • Reduce inspection frequency and risk through modern quality systems and real-time quality metrics
  • Reduce data integrity risks before they occur
  • Sleep better at night!

Attend the Webinar – Sponsored by Veeva