Cybersecurity in Medical Devices Latest Guidance: Quality System Considerations and Content of Premarket Submissions

This webinar will focus on cybersecurity of medical devices, a key concern for those who develop, manufacture, test, and distribute these products.  Protecting medical devices from hacking where someone can alter the actual code embedded in the device could result in injury or death to a patient or consumer. A serious threat, it must be dealt with at all levels to make sure the end product being used by a patient or consumer is perfectly safe and delivers the effective treatment required.

This session will provide some insight into current trends in cybersecurity threats to medical devices and how to follow industry best practices to prevent and/or mitigate these threats.

Cybersecurity is a serious concern for medical device safety and effectiveness.  Without protection, software running on a medical device could cause severe injury or death to a patient. There are many forms of cybersecurity and many remedies for thwarting attempts to penetrate medical device software.  Most of these are based in physical and logical security practices that are becoming best industry practices.

WHY YOU SHOULD ATTEND:

Providing safe and effective medical devices is in the best interests of all those involved in the development, manufacturing, testing, and distribution of these products.  One of the largest current threats to these devices working safely and effectively is cyberattacks that can wreak havoc on code and device functionality.  Preventing these attacks by identifying sources of threats and rooting them out before they can take effect is of the utmost concern.

In this webinar, you will learn just how cyberattacks threaten medical devices and how industry is currently responding to them.  We will discuss the many ways of preventing and mitigating the cybersecurity risk, and about the industry best practices that can help your company do the same.

This webinar is intended for those working in the FDA-regulated industries, including pharmaceutical, medical device, biological, animal health and tobacco.  Functions that are applicable include research and development, manufacturing, Quality Control, distribution, clinical testing and management, adverse events management and post-marketing surveillance.

You should attend this webinar if you are responsible for planning, executing or managing the development or implementation of any system governed by FDA medical device or software regulations, or if you are maintaining or supporting such a system.

LEARNING OBJECTIVES:

• This webinar will detail some of the threats and ways to mitigate them to protect consumers from harm.
• This webinar will also focus on IEC 62304. Medical devices can use very complex software applications, and any failure to function properly could lead to potential injury or death of a consumer or patient.
• There is a need to improve overall standards for medical device software to account  for this high risk potential.
• The majority of software recalls in the 1990s were due to software defects that were a result of software being upgraded.
• There is a need to restructure medical device software development processes, and adopting IEC 62304 provides a standard for design that is accepted in the United States (US) and European Union (EU).
• IEC 62304 is a risk-based approach to compliance that ensures the standards followed are appropriate for their potential assessed risk.
• IEC 62304 is a lifecycle approach that defines the activities and tasks required to ensure software for medical devices will be safe and reliable.
• Applying IEC 62304 will reduce your overall rate of software failure and improve your bottom line.

 AREAS COVERED IN THE SESSION:

• Provide an overview of cybersecurity and guidance on device software, including IEC 62304
• Provide an overview of the most common problems faced by industry in terms of medical device security, efficacy, and safety
• Cybersecurity and guidance on device software
• Cybersecurity Plan
• Most common problems faced by the industry in terms of medical device security, efficacy, and safety
• Risk-based Analysis
• Hazard Analysis following ISO14971
• Risk Communication to users
• Required Membership in information sharing groups
• Reporting Requirements and Exceptions
• Provide a set of best practices and industry standards to meet the challenges of cybersecurity and other threats to devices and software

WHO SHOULD ATTEND: 

This webinar is intended for those working in the FDA-regulated industries, including pharmaceutical, medical device, biological and tobacco.  Functions that are applicable include research and development, manufacturing, Quality Control, distribution, clinical testing and management, adverse events management and post-marketing surveillance.

You should attend this webinar if you are responsible for planning, executing or managing the implementation of any system governed by FDA regulations, or if you are maintaining or supporting such a system.  Also, if you are developing and supporting software that is used in conjunction with a medical device, or is considered to be software as a medical device, you will benefit from this session.  Examples of who will benefit from this webinar include:

• Information Technology Analysts
• Information Technology Developers and Testers
• QA Managers and Analysts
• Compliance and Audit Managers
• Laboratory Managers
• Automation Analysts
• Computer System Validation Specialists
• GMP Training Specialists
• Business Stakeholders/Subject Matter Experts
• Business System/Application Testers
• This webinar will also benefit any consultants working in the life sciences industry who are involved in computer system implementation, validation and compliance.

Course Director: CAROLYN TROIANO‎  

Carolyn Troiano has more than 30 years of experience in computer system validation in the pharmaceutical, medical device, animal health, tobacco and other FDA-regulated industries. She is currently an independent consultant, advising companies on computer system validation and large-scale IT system implementation projects. During her career, Carolyn worked directly, or on a consulting basis, for many of the larger pharmaceutical companies in the US and Europe. She developed validation programs and strategies back in the mid-1980s, when the first FDA guidebook was published on the subject, and collaborated with FDA and other industry representatives on 21 CFR Part 11, the FDA’s electronic record/electronic signature regulation. Carolyn has participated in industry conferences. She is currently active in the PMI, AITP, and RichTech, and volunteers for the PMI’s Educational Fund as a project management instructor for non-profit organizations.