Category Archives: Regulatory

03Nov/17
CLOUD IMAGE

ComplianceQuest Offers Cloud Native Enterprise Quality Management Solutions

By: Daniel R. Matlis

Axendia was recently briefed by ComplianceQuest’s executive team.  The team, 80% of whom have deep experience in the Enterprise Quality Management Solutions (EQMS) market, has developed a cloud native EQMS built on the Salesforce platform.

ComplianceQuest was developed on the Salesforce cloud solution to provide a worry-free infrastructure platform that can be available anywhere, anytime. In addition, Salesforce provides a reliable, versatile infrastructure that can scale for all size companies. Another benefit of developing on the Salesforce platform is the ability to leverage advanced capabilities such as mobility, social media, artificial intelligence and machine learning and be ready for future technologies.Network_Navy_F

“ComplianceQuest provides a unique combination of niche experience, solutions and services across multiple industries with comprehensive capabilities in quality, safety and compliance throughout the supply chain,” said Nikki Willett, Chief Strategy Officer at ComplianceQuest. “Suitable for small companies and secure, scalable and flexible to meet the needs of medium and global enterprises, ComplianceQuest is easy to implement, validate and use,” she added.

Continue reading

07Sep/17
cyber security copy

FDA confirms: Hacking a pacemaker only requires commercially available equipment

By: Giselle C. Matlis, Research Assistant

On August 29, 2017 the FDA published a Safety Communication, Firmware Update to Address Cybersecurity Vulnerabilities Identified in Abbott’s (formerly St. Jude Medical’s) Implantable Cardiac Pacemakers , where they announced that they have reviewed information concerning potential cybersecurity vulnerabilities associated with implantable cardiac pacemakers.cyber security copy

In its Safety Communication, FDA confirmed that if exploited, these vulnerabilities could allow an unauthorized user with commercially available equipment to access a patient’s device and could be used to modify programming commands to the implanted pacemaker.  This could result in patient harm from rapid battery depletion or administration of inappropriate pacing. At this point, there have been no known patient harm, however, the FDA has approved a firmware update that addresses these cybersecurity vulnerabilities and reduces the risk of exploitation and subsequent patient harm.

In fact, former Vice President Dick Cheney discussed his fears that terrorists could hack into his pacemaker, a fear he saw come to life while watching an episode of “Homeland.”Indeed, when doctors implanted Cheney’s pacemaker in 2007, they disabled the wireless feature out of fear that someone could manipulate it and disrupt his heartbeat.

The FDA has been warning about cybersecurity on medical devices for over a decade.  As Eric Luyer stated in his March 2017 article “the time to implement a proactive, comprehensive risk management program to eliminate cybersecurity threats is now”.

Cybersecurity of connected medical devices must be a key step in the design process.  Medical Device manufacturers must be proactive instead of reactive to cybersecurity concerns when developing new products.

30Aug/17
Data_Integrity_Text

WHY Is Data Integrity the Foundation of Good Science?

By: Sandra Rodriguez, Market Analyst and Ellyn McMullin, Research Associate, Axendia Inc.

Data_Integrity_TextOne of the basic tenets of investigative reporting is getting to the facts by asking ALL the relevant questions:  Who, what, where, when and why?  The issues, concerns and proposed solutions surrounding Data Integrity deserve no less a rigorous analysis.

While several articles have been published on data integrity addressing the: who, what, where and when, the most important question is left unanswered.  WHY Is Data Integrity the Foundation of Good Science?

Answering who, what, where and when is a mechanical process.

  • Create a procedure requiring people to sign-wet or electronic: Who
  • Record the data element: What
  • Establish the source of the data element: Where
  • Record the time: When

The “Why” is the rationale for the procedure: “Data Integrity IS The Foundation of Good Science.”

Continue reading

16Jun/17
FDANews150x150

10 FDA Answers on ‘Driving a Culture of Quality for Devicemakers’

By: Daniel R. Matlis, President

The Case for Quality: Why Does It Matter?

Last month, I had the privilege to moderate a discussion with Capt. Sean Boyd, deputy director for regulatory affairs in CDRH’s Office of Compliance, and Francisco (Cisco) Vicenty, acting program manager of Case for Quality in CDRH’s Office of Compliance.

During the webinar hosted by FDAnews, we discussed topics including:

  • The Case for Quality – Why does it matter?
  • Are we playing regulatory whack-a-mole?
  • How is the role of FDA evolving to encourage a culture of quality for device makers?
  • Have “Compliance First” regulatory approaches slowed innovation?
  • Who benefits from a focus on quality?
  • Are there appropriate substitutes for routine FDA inspections or pre-approval inspections?
  • What are the quality outcomes metrics FDA will collect and monitor?
  • How will FDA operate as we shift from documents to data/metrics as a result of using quality tools?

In addition, Capt. Boyd and Mr. Vicenty addressed the following audience questions:

Q1: How is the CfQ program different than Quality by Design?

A1: Quality by Design (QbD) is the systematic approach used in the pharmaceutical space for development that focuses on risk management and predefined objectives for product and process control. QbD is more analogous to Design Controls in Quality System Regulation. Case for Quality is an effort to work together with a community of stakeholders to incentivize performance and product quality. This collaboration will allow for faster and better data to drive purchasing decisions and FDA activity.

Fore more Q&A, read the article in its entirety in FDANews Device Daily Bulletin.

13Mar/17
CyberSecurity

CYBERSECURITY RISKS IN MEDICAL DEVICES ARE REAL

By: Eric M. Luyer, Market Research Analyst 

The Healthcare Industry Has a New Set of Threats on Its Hands

PPP_IGLOB_CLP_Global_Computer_Network_Red_Color_Pencil_HEXConnected medical devices-like other computer systems-can be vulnerable to security breaches and have a potential major impact on safety and effectiveness of the device.  Specifically, in a healthcare environment, this vulnerability increases asmedical devices and medical equipment are becoming more connected through the internet to other medical devices, patients and/or to hospital networks (also referred to as the Internet of Medical Things).

To address the cybersecurity threat, in December 2016 FDA issued Guidance on Postmarket Management of Cybersecurity in Medical Devices.

Continue reading