June 20, 2013

Posts Comments

You are here: Home / Archives for FDA Regulated / Medical Devices

FDA to Medical Device Submitters Using WebTrader: Remove Your Files Now

January 17, 2013 by Leave a Comment
Tamar June, VP, Strategic Marketing, Product Manager - eMDR

Tamar June, VP, Strategic Marketing, Product Manager – eMDR

A January 11, 2013 email sent by Michael Fauntleroy, Program Manager, FDA ESG, is warning those using the WebTrader for electronic submissions to delete their inboxes, or risk losing all documents contained within them in the future. WebTrader is a supposed to be a low-volume submission tool, however, some companies have apparently been using the system as a file server or archival system.

FDA states that the misuse of the system has resulted in significantly lower performance for all other account holders. They suggest removing the submission records and storing it either locally or on a company-wide network. The email also listed the number of “offending” accounts:

1 account has more than 3000 documents
9 accounts have more than 2000 documents
34 accounts have more than 1000 documents
96 accounts have more than 500 documents
763 accounts have more than 100 documents
2833 accounts have more than 20 documents

(Each submission transmission has 3 – 4 documents associated with it. e.g. 20 documents in an Inbox  translates to 5 -6 submissions).

According to FDA, “…ESG’s WebTrader functionality is provided to the industry by FDA as a low cost alternative to send submissions to FDA. The WebTrader Inbox provides the users a view of submissions sent to FDA and receipts and Acknowledgements received from FDA. This inbox should not be used as a storage place for your Receipts and Acknowledgements – once you receive Receipts and Acknowledgements for your submissions you should;

  • Download Receipts and Acknowledgements and save them to your local machine
  • Delete records from your WebTrader Inbox

Following these steps will ensure faster display of the Inbox for you, other ESG users and increase overall performance of the system.”

The email also states “The account owners that have more than 2,000 documents in their WebTrader Inboxes will be receiving an email with a zip file of their messages.  We will delete these documents from your Web Trader Inbox at the FDA immediately. This policy is being re-implemented on a permanent basis.”

In the closing paragraph of the email, written in red ink, the FDA sternly warns: “On February 1, 2013 we will start deleting documents in Web Trader account Inboxes without notice.  Any Web Trader Inbox with more than 20 documents in it will be cleaned starting February 1, 2013. Once the Inbox is cleared of documents (Receipts and Acknowledgements) they cannot be retrieved so WE STRONGLY ADVISE YOU TO DOWNLOAD RECEIPTS AND ACKNOWLEDGEMENTS FROM YOUR INBOX after each transmission.”

Clearly, those who have hundreds or thousands of documents should probably consider upgrading to another type of eMDR submission system.

TwitterFacebookGoogle+LinkedInEmailPrintFriendlyShare
Filed Under: eMDR Updates, FDA Regulated, Medical Devices, Regulatory, Tamar June Tagged With: , , , , ,

The Only Vote That Counts: FDA 483 Round-Up

November 6, 2012 by Leave a Comment

Michael Causey, Editor & Publisher, eDataIntegrityReport.com

Pollsters, prognosticators and pundits love to obsess over the polls before Election Day. Their self-appointed task is sifting for nuggets that will tell us who will win before anyone has actually cast a ballot. But as wide political sages like to say, “The only poll that matters is the one on the day people actually vote.”

Looking at the FDA isn’t much different. Lots of folks like to predict what the FDA will do, or try to glean trends from the often cryptic public statements FDA officials make at conferences or other gatherings.  But the FDAs real “votes” are in the 483s they issue.

Reading through a recently-released crop of the agency’s medical device letters, it looks like the FDA is maintaing an interest in CAPA and employee training.

A letter issued after a month-long inspection that ended in May 2012, cited Cardiva Medical in Alameda, California for failing to adequately train its workers. Its Cardiva Catalyst is “designed to increase the comfort of the manual compression process and facilitate the body’s healing process,” according to the company’s website. It also allegedly failed to identify future training needs for its personnel, the 483 said..

voteDevice manufactuer Coviden in Chicago was chastised after an inspection earlier in the year for CAPA shortcomings lacking “quality data sources that indicate the occurrence of high risk non-conformities.” The firm was also found wanting for failure to have a CAPA in place to “ensure that failure investigations are comprehensive.” Further, the FDA says it found a lack of a CAPA to “correct and prevent the issue of incomplete device history records.”  Coviden manufactuers a number of products, including respiratory monitors and endomechanical products.

Other CAPA-related problems were found at Denver-based Sandhill Scientific. There, the FDA alleges the company lacked adequate an adequate CAPA program to address nonconformities and root causes. The company manufactures monitors aiding in acid reflux detection and a high resolution manometry system.

Arrow International in Parsippany, New Jersey, a Class II manufacturer of catheters,  was hit with a 483 because “a validated process was not reviewed and evaluated when changes or process derivations occurred.”

We’ll keep tallying FDA’s real “votes” and an eye on real trends coming from the agency.

TwitterFacebookGoogle+LinkedInEmailPrintFriendlyShare
Filed Under: Bloggers, FDA Regulated, Medical Devices, Michael Causey, Quality Management, Regulatory Tagged With: , , , , ,

For FDA, Pleasing Everyone with UDI Guidance No ‘Party’

October 31, 2012 by Leave a Comment

Michael Causey, Editor & Publisher, eDataIntegrityReport.com

Former teen heart throb Rick Nelson had a hit with a song called “Garden Party” way back when. A key line in the song is something that the FDA may take to heart, “You can’t please everyone, so you’ve got to please yourself.”

Judging from the steady stream and granularity of the the comments already posted on the FDA’s UDI Guidance, it’s going to be tough for the FDA to make everyone happy.

As FDA explains it, a UDI is a unique numeric or alphanumeric code that includes a device identifier, which is specific to a device model, and a production identifier, which includes the current production information for that specific device, such as the lot or batch number, the serial number and/or expiration date.

The guidance comments, which are due by Nov. 7 for the guidance posted in July, generally applaud the idea of UDI, but many make strong cases for flexibility in its implementation.

A good example comes from CeloNova BioScience Inc. in a comment posted October 2 this year. They are a US-based medical device manufacturer who distributes its products around the world.

“We recognize the need to enhance patient safety through correctly communicating necessary data in an unambiguous manner but fundamentally disagree with the alpha-numeric date format proposed in 801.18.,” Celo writes in its comment.

“Acceptance of alpha data fields (JAN, FEB etc) will inevitably result in demand from many countries for their specific translations of the month to be incorporated on their labels whether in addition to or instead of the proposed format (contrary to 801.18(a)). Mandating inclusion of day as well as year and month (801.18 (b)) is not always relevant and in itself could be the potential cause of the current ambiguity (10.07.2012 being either 7th Oct or 10th Jul). Simply requiring Month and Year would eliminate this ambiguity and should be pursued through the International Standards Organization that has generated internationally accepted “symbols” for many aspects of device information and would be open to standardizing wholly numeric fields such as four digit year YYYY and two digit MM or MM-YYYY.”

Finally, Celo asks the agency to withdraw the alpha numeric date format and instead pursue a “wholly numeric field for month and year only.”

X-ray of hipFrom the hospital perspective, X-Ray Associates of Louisville commented, “it is time consuming and sometimes impossible to determine if an implanted device is ‘safe’ to go into the MRI machine. This delays and hinders patient care. It would be very helpful if, 1) implanted devices came with a statement that they are safe, unsafe, or conditional for exposure to the MRI environment, and if conditional, what are the conditions, and 2) if this data was given to the patient in the form of a card they can carry with them.”

Baystate Health Inc., in a comment posted Oct. 17, asks the agency to “incorporate all currently existing major medical device naming conventions, such as ECRI’s UMDNS and the UN’s UNSPSC.”

In a comment posted October 23, Frank G. Shellock, Ph.D., FISMRM, FACC, FACSM Adjunct Clinical Professor of Radiology and Medicine Keck School of Medicine, University of Southern California Director for MRI Studies of Biomimetic MicroElectronic Systems National Science Foundation, Engineering Research, simply says to the FDA, “if you believe that additional information should be required to assure the adequate identification of a medical device, please identify the information you believe is necessary and provide an explanation of your views.”

Another comment letter worth reviewing is an extensive one from Alere Inc., posted October 16, 2012. Imploring the FDA to “avoid reinventing the wheel, Alere makes a detailed and generally strong case for improving the UDI guidance.

• The manufacturer to enter data for as many jurisdictions as it wants

• Each jurisdiction (including FDA) to pull just whatever data it wants

Possibly request FDA to permit company to have controlled authority to edit some fields in GUDID. (E.g. company contact details) and permit optional inclusion of same data for ex US countries.

Everyone’s an angel when it comes to backing UDI, but as is often the case, the devil is in the details.

We’ll keep you posted.

TwitterFacebookGoogle+LinkedInEmailPrintFriendlyShare
Filed Under: Bloggers, FDA Regulated, Medical Devices, Michael Causey, Regulatory Tagged With: , ,

Summer Clearance: More FDA ‘Spygate,’ CAPA Warnings

August 23, 2012 by Leave a Comment

Michael Causey, Editor & Publisher, eDataIntegrityReport.com

Spring is traditionally the time to clean house, but we thought there were at least two items to take a look at again with updates as Summer 2012 winds down: The FDA’s embarrassing ‘Spygate’ scandal where agency officials are alleged to have eavesdropped on their own scientists, and the agency’s continued focus on CAPA in warning letters.

Certainly ‘Spygate’ is the juicier topic, and of more interest to the public at large. As we and others have noted before, it is chilling if the agency even appears to be trying to intimidate its scientists and other experts. Galileo could tell us all about the downsides of that kind of interference.

But it looks like Spygate isn’t going away, and in fact may have been worse then first suspected.  A Forbes contributor, Jon Entine, suggests that the earlier media coverage may have missed the point.

Specifically criticizing coverage in The New York Times, Entine notes that its articles “generated national headlines with its sympathetic portrayal of harassed scientists risking their careers to protect the public interest.” But, Entine suggests, “new revelations suggest the Times slanted the story by leaving out critical context. It appears that dissident employees are involved in what could be seen as an ambulance chasing shakedown scheme to profit from their allegations. In December 2009, while these ‘aggrieved’ reviewers were publicly lobbying the FDA and Congress to crack down on scanning devices, they had secretly filed a whistleblower lawsuit against these very same manufacturers that if successful could make them multi-millionaires.

Yikes.

Entine’s verdict? “The case has exposed the underbelly of what some critics believe is one of the more dysfunctional regulatory agencies in the federal government.”

Sure, CAPA is a relatively tame topic after all that cloak and dagger talk, but day in and day out the agency’s laser-like focus on it is arguably more important to the basic operations of device and pharmaceutical manufacturers. And here’s more evidence that trend isn’t changing: A tough July 17 warning letter to Medtronic hitting the company for assorted CAPA-related problems.

“FDA requests a prompt meeting with you [Medtronic] to discuss the pump motor corrosion failure mode and the scope and timing of corrective actions to address this ongoing problem,” the warning letter advises.  In other words, the agency didn’t like the CAPA program it saw in place there.

That meeting is set for Friday, September 7, just after the Labor Day holiday and the traditional end of the bathing suit season.

I wonder if those Medtronic folks are looking forward to the end of summer.

TwitterFacebookGoogle+LinkedInEmailPrintFriendlyShare
Filed Under: Bloggers, FDA Regulated, Medical Devices, Michael Causey Tagged With: , , ,

New FDA Warning Letters Show Old Focus on CAPA Remains

August 13, 2012 by Leave a Comment

Michael Causey, Editor & Publisher, eDataIntegrityReport.com

The latest group of FDA warning letters, an admittedly small batch, demonstrates that the agency remains fixated on Corrective and Preventive Action (CAPA) plans and related issues.

In 2010, CAPA accounted for the second and fourth most cited issues in FDA observations. In 2011, CAPA-related citations were ranked first and third.

In 2011, medical device firms were issued 175 warning letters, FDA officials say. Of those, 85% had CAPA citations, and 80% had purchase control citations.

See the pattern?

The medical device industry might not, exactly.

We’ve talked to drug and device makers recently who note that when you burrow down into FDA warning letters, it isn’t the agency saying a firm doesn’t have a CAPA program. No, just that the program in place is pretty weak.

Here are the latest enforcement examples coming out of FDA.

FDA logoA July 16, 2012 letter to Ningbo Huahui Medical Instruments Company Limited in China is a perfect example of what the FDA often finds.

The warning letter in part says that the FDA found, “Failure to adequately verify or validate the corrective and preventive action to ensure that this action is effective and does not adversely affect the finished device, as required by 21 CFR 820.100(a)(4).

For example, the reports for CAPA 2012-2-14 and CAPA 2012-1-05 do not contain evidence to indicate that the corrective actions taken were verified or validated as effective and did not adversely affect the finished device.”

A July 11, 2012 letter to Leisegang Feinmechanik-Optik GmbH in Germany alleged the company, “Does not include the requirements for implementing and recording changes in methods and procedures needed to correct and prevent identified quality problems.”

Getting CAPA just right isn’t easy. But getting it wrong can be even harder on your company. The FDA doesn’t show any sign of letting up on CAPA. Wise drug and devicemakers shouldn’t either.

TwitterFacebookGoogle+LinkedInEmailPrintFriendlyShare
Filed Under: Bloggers, FDA Regulated, Medical Devices, Michael Causey, Pharma/Biotech, Regulatory Tagged With: , , , ,

Part 1: Cloud Vendor Selection for Your Life Science Company – Benefits and Risks

July 30, 2012 by 1 Comment

Russ King, Managing Partner, Methodsense

Migrating to the Cloud:  What are the Benefits?

According to the National Institute of Standards and Technology, the cloud is “a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”

Most companies’ IT infrastructure use less than 30% of their capacity. It took years to get the capacity to where it is today, and it takes months to increase capacity. Employing qualified resources to maintain such an infrastructure is difficult and expensive.

Cloud providers utilize about 65% of their capacity and can add capacity quickly. In short, cloud providers benefit from economies of scale, which enables them to lower individual usage costs and centralize infrastructure costs. Companies benefit by only paying for what they consume. Companies can increase or decrease their usage rapidly, and can spend less time managing complex IT resources.

Not only do efficiency improvements reduce costs, the nature of some costs can change from being capital investment in hardware and infrastructure (CapEx) to a pay-as-you go (OpEx) model. Maximizing IT capacity utilization, improving IT flexibility and responsiveness, and minimizing cost are not the only advantages of the cloud.

Collaboration can be one of the most important advantages of cloud computing. Multiple users, from around the world, can collaborate more easily on documents and projects. Because the information is hosted in the cloud, and not on individual computers, business owners can collaborate with external stakeholders in a secure environment with nothing more than an Internet connection and some identity management controls.

Cloud ComputingThe most surprising benefit of the cloud is security. Top cloud providers have the best infrastructure and security technology with the top people maintaining that infrastructure and technology. Speaking before the House of Representatives, Army General Keith Alexander, commander of U.S. Cyber Command and Director of the National Security Agency, said cloud computing provides the best way to secure DOD networks. As Jesse Lipson pointed out in a recent Forbes article: “Most cloud computing companies are like experienced airline pilots. They are well trained, have backup systems and contingency plans in case they encounter an issue, and they have a full staff of professionals regularly checking and maintaining their service. Cloud software companies, knowing the implications of a crash on their business’ bottom line, invest significant resources into ensuring that such a disaster never occurs. Cloud computing companies can invest far more resources in data backup and security than your business can.” Compare this to the levels of protection that your company provides.

 

Selecting a Cloud Vendor:  What are the Risks?

While the cloud can be a compelling option for life science companies, understanding the risks associated with vendor selection is a critical first step. Cloud vendors often view life science companies as attractive clients because of their long term data management needs and the general belief that life science business delivers a premium for services that can quickly boost margins.  But, all too frequently, Cloud Vendors are unprepared for the critical data management needs of life science companies within the context of FDA regulations. The gap, framed by the Cloud Vendor’s strong desire for life science business, the vendor’s frequent lack of knowledge about regulatory requirements, and the perennial pressure on life science companies to control expenses, creates a recipe for short cuts and their associated risks.

The Cloud Vendor holds your most critical assets

The risk associated with a Cloud Vendor choice is directly related to the criticality of the data managed.  At the end of the day, the value of a pharmaceutical, biotech, or medical device company is instantiated in intellectual property.  This includes the information that satisfies the requirements of the FDA, as well as the requirements of potential commercial partners or buyers.  If your intent is to place your critical information in the cloud, then any risk created in your relationship with your Cloud Vendor directly reflects your willingness to potentially compromise your intellectual property and its valuation.

Your FDA regulatory obligations do not change just because you migrate to the cloud

The most frequent risk we see is allowing the priority of regulatory requirements to erode under the misconception that sophisticated data centers and technically savvy Cloud Vendor staff can compensate for, or somehow replace, the intent of FDA requirements to maintain data integrity, authenticity, and non-repudiation.  Migrating critical data to the cloud does not excuse you from regulatory obligations that would otherwise exist if you were hosting the services inside your company.   The same controls you are required to apply to your internally hosted infrastructure must be applied to your external cloud environment, which means partnering with a vendor that is willing and able to support these controls to the degree needed.

Validating computing environments, virtualized services and systems, security controls, and the actual migration to the cloud are required for compliance. Moreover, maintaining a state of compliance must take into consideration the Cloud Vendor’s tools, systems, practices, and procedures, and, most importantly, compensate for gaps between what the Cloud Vendor has in place and your regulatory obligations.  The real risk is realized when either regulators or potential partners have problems with the lack of controls to ensure data integrity and other electronic assurance information values.  Without such controls, you may not be able to sufficiently demonstrate the veracity of your intellectual property claims, which directly impacts the value of your IP and commercialization strategy

A common scenario:  What can to wrong with your Cloud Vendor selection

A Cloud Vendor sells private cloud services to a pharmaceutical company who subsequently performs a vendor audit on the Cloud Vendor.  The audit produces a gap analysis with observations and a commitment from the Cloud Vendor to resolve critical observations against an agreed upon time line.  The pharmaceutical company begins migration to the new cloud by validating the virtualization of their systems and then validating the migration to the cloud.  As the due date for observation remediation approaches, it becomes apparent that the Cloud Vendor cannot, or will not, address the critical observations on time.  The pharmaceutical company must then decide whether they will take on the work and cost of correcting the problems, or choose another vendor, whereby both alternatives threaten the anticipated savings the company thought they would enjoy. Choosing the right vendor from the onset helps mitigate this risk.

In Part 2 of this blog we explore practical strategies and tips to help you choose the right Cloud Vendor so you can avoid risk and enjoy the benefits of Cloud Computing.

About the authors:

Russ King is President of Methodsense, a consulting firm that helps clients deliver medical and technological breakthroughs by effectively meeting the requirements needed to bring their products to market.   He can be reached at (919) 313-3962 or rking@methodsense.com.

Jason Rock is Chief Technology Officer of GlobalSubmit, a products and services company that provides transparency in regulated healthcare products. He may be reached at  888-840-9580.


TwitterFacebookGoogle+LinkedInEmailPrintFriendlyShare
Filed Under: FDA Regulated, Featured, Medical Devices, Pharma/Biotech, SaaS & Cloud Computing Tagged With: , , ,

Venture Capitalists Show Confidence in Medical Device Sector

July 26, 2012 by 2 Comments

Michael Causey, Editor & Publisher, eDataIntegrityReport.com

I once saw Treasury Secretary Timothy Geithner buying shrimp at a nice fish place in my neighborhood. I wish I’d had the courage to walk over and ask whether he was a bull or a bear when it came to the medical device market.

But a new report from The Burrill Report may have answered the question just as well as my friend Tim.

Noting that drug developers shouldn’t be all that pleased by the new data, author Marie Daghlian notes, “medical device and technology developers are seeing a greater interest in their products, demand for which is expected to grow as the global population ages and demands improved quality of life.”

In fact, investment in medical device and technology companies, while still lower than what therapeutics garnered, was up 37% in the first half of 2012, from $1.1 billion in 2011 to $1.5 billion in these most recent figures available.

The medical device industry has been tied up in knots to a degree over looming federal regulation and perceived inconsistencies from FDA inspectors and the agency’s focus. That doesn’t seem to be fazing the money guys, though.

Money Tree“The increased investment also comes despite worries of increased regulatory scrutiny and reimbursement uncertainty,” Daghlian reports. She cites a survey in late 2011 conducted by the National Venture Capital Association that found nearly 60% percent of venture capitalists expected a decrease in investment in the biopharmaceutical and medical device sectors.

Looks like the VCs may have changed their mind, at least as evidenced by this latest report.

Finally, data compiled by The Burrill Report itself found that funding at all stages for medical device financings that have disclosed the funding stage increased in the first half of 2012, compared to the first half of 2011.

Investors take note: Geithner is a relatively young man, but a lot of those Federal Reserve guys and Capitol Hill types aren’t exactly spring chickens. I’ve seen Former Fed Chair Alan Greenspan at Nationals games a few times this season, and he’s a spry guy for his age, but he’s also a poster adult (as opposed to child) for the growing demand for medical devices among affluent folks who want to remain active for many years to come.

As Deep Throat said in the movie version of “All The President’s Men,” we’d do well to follow the money when we try to read the tea leaves for the medical device industry.

Maybe I’ll bounce this off Tim the next time I see him at our fish place.

TwitterFacebookGoogle+LinkedInEmailPrintFriendlyShare
Filed Under: Bloggers, Categories, FDA Regulated, Medical Devices, Michael Causey Tagged With: , ,

FDA Looks Back for Future Funding

July 10, 2012 by Leave a Comment

Michael Causey, Editor & Publisher, eDataIntegrityReport.com

Back in the day when the networks owned most of the TV attention, summer was a vast wasteland of summer reruns and horrors like “Battle of the Network Stars.” But today, largely thanks to cable channels like HBO and FX, there are plenty of good new shows airing fresh episodes during the dog days.

I’m getting to the point.

FDA Facebook PageIt appears the FDA may have missed the memo on this. A recent posting on their Facebook page noted that “health claims from drug and device manufacturers have a long history of being fraudulent.” Ok, fair enough, though it does seem to a bit of a blind side attack with little context. To my knowledge, we aren’t at the moment reeling from any massive new fraudulent claim from either. Sure, they happen. They’ll happen again. But why pick on Hagi Pipes? And why now?


Turns out the FDA is still really worried about bad industry claims from fifty years ago. “During the late 50s and early 60s, items like the Hagi Pipe were sold to ‘prevent lung cancer’.”  The FDA Facebook post notes that its then commissioner, “used examples like this to get appropriations from Congress.”

Well we all remember the ads featuring movie stars like Ronald Reagan saying docs had told him cigarettes soothed his throat and the like. Way back, some got mad when it was suggested the earth was round, too. Big claims, true or otherwise, probably go back to the first caveman who suggested trying a wheel until someone clubbed him to death.

My point here isn’t that the drug and device industry aren’t above making fraudulent claims sometimes. But I believe those are the tiny minority. And I don’t quite understand why the FDA is relying on a summer repeat of a 1950s chestnut when we need to focus on productive ways to best enhance patient safety and encourage innovation in 2012 and beyond.

Given this economy, it’s worth emphasizing that the FDA just got a richly deserved budget boost.  It’s time for the agency to take the high road, and get down to real business. We live more safely in a world today without Hagi Pipes, I’ll agree. But let’s encourage the FDA to focus on the here and now challenges.

TwitterFacebookGoogle+LinkedInEmailPrintFriendlyShare
Filed Under: Bloggers, FDA Regulated, Medical Devices, Michael Causey, Pharma/Biotech, Regulatory Tagged With: , ,

FDA User Fee Bill Could Pass This Summer

May 11, 2012 by 1 Comment

Michael Causey, Editor & Publisher, eDataIntegrityReport.com

The long and winding road for the FDA’s user fee bill may finally be reaching its destination on Capitol Hill. In a rare display of bipartisanship, the smart money is on the bill being sent to the full House of Representatives next month after more than a year of twists and turns.

The good new for medical device firms: It appears an amendment that would let the FDA nix applications based on similarity to recalled, defective medical devices won’t be in the final bill. That’s a disappointment to some consumer groups, and the amendment’s sponsor, Rep. Ed Markey, Democrat from Massachusetts.

Looming over the bill and healthcare-land in general is an expected June Supreme Court ruling on President Obama’s national healthcare program.  However that ruling goes, it could re-politicize the healthcare debate and knock the FDA user fee bill off the tracks unless it gets passed before the ruling.

The bill as currently written would let the FDA collect user fees from device, pharmaceutical, and biologics manufacturers to help fund the agency’s approval and monitoring work.

The Senate is expected to take up its own, similar, version of the bill next week.

Based on the relatively smooth mark-up, or review, of the bill, most insiders expect it to emerge in pretty much its current form and become the law of the land quite soon.

Watch this space in the coming weeks and months. We’ve had a bit of a respite from partisanship, but it’s election season in D.C. and anyone who expects this relative harmony to continue is as naive as a Washington Redskins fan expecting the team to win a Super Bowl anytime soon.

TwitterFacebookGoogle+LinkedInEmailPrintFriendlyShare
Filed Under: Bloggers, FDA Regulated, Medical Devices, Michael Causey, Pharma/Biotech, Regulatory Tagged With: , ,

Part Two: Life Sciences Companies and the Value of the Cloud

May 7, 2012 by 1 Comment

Russ King, President, Methodsense

In part one of this blog, we discussed some common misconceptions about Cloud computing for life sciences companies. We also talked about some of its benefits. This time around we’re going to look at  a few more misconceptions and highlight some of the ways it can help life science companies get a better handle on edata.

Misconception #6: Maintaining your Cloud in a Validated State is Impossible

As long as you’ve understood the impact the provider’s systems and infrastructure have on your validation strategy, then you can create controls to ensure your private cloud remains in a validated state.   Anticipate the need to collaborate with the cloud provider on change controls with the introduction of hardware or software modifications.  Again, you can set these expectations, and probably garner more cooperation, if you incorporate such considerations into your vendor selection criteria.

Misconception #7: A Cloud Environment does not Allow the Segregation of Information

As mentioned in Misconception #1, there are a variety of cloud environments. Private clouds are the best solution to manage data in regulated industries. They give you the most control and security because you can limit who has access to your computing environment.

With a private cloud you’re also able to set up different channels for each information group and create boundaries with respect to your regulated information. These channels allow you to “segregate” your data, establish controls and set permissions.  Virtual machines can also serve a similar purpose.

Misconception #8: FDA Regulations Related to Validation do not Apply to Clouds

A third party hosted cloud environment does not excuse you from regulatory obligations that would otherwise exist if you were hosting the services inside your company.   The same goals and strategies you apply to your local infrastructure should be applied to your cloud environment. FDA regulations can be met; you just have to be aware of the applicable risks, the controls for mitigating those risks and the right partner to assist you.

Cloud ComputingSummary

When you’re in the process of developing your Life Science cloud environment, a detailed risk assessment will be critical to your success and security. Your risk management plan should:

  • Include a complete vendor audit
  • Outline the operational processes and procedures of the cloud environment
  • Identify any major security and privacy risks
  • Consider business, financial, compliance and intellectual property risks
  • Document risk management strategies
  • Provide recommendations to improve the security and on-going compliance

Conclusion

Because you are ultimately responsible for your data’s authenticity, veracity, and security, establishing compliance boundaries and conducting periodic analysis of the technology environment is imperative. Be sure to define your validation and regulatory requirements so they apply to your cloud solution.

Whether you are an early adopter or are fighting virtualization every step of the way, cloud computing is here to stay. Shifting your technology operation to the cloud includes benefits, such as:

  • Improved scalability, both up and down
  • Increased access to and utilization of key business assets
  • Improved controls on security and data access
  • Increased innovation due to collaboration and availability of resources

Although cloud computing isn’t without it’s difficulties, it’s definitely a viable option for Life Science businesses. To ensure a successful implementation:

  • Perform a complete vendor audit
  • Outline the operational processes and procedures of your cloud environment
  • Identify any major security and privacy risks
  • Consider business, financial, compliance and intellectual property risks
  • Document risk management strategies
  • Provide recommendations to improve the security and on-going compliance

If you missed Part I of this series, you can read it here.

About the author:

Russ King is President of Methodsense, a consulting firm that helps clients deliver medical and technological breakthroughs by effectively meeting the requirements needed to bring their products to market.  They guide medical device, biotech and pharmaceutical companies with quality, regulatory and technology solutions, enabling clients to operate more effectively during the commercialization process and beyond. MethodSense is located in the heart of Research Triangle Park, North Carolina – home to one of the world’s largest biotechnology clusters and a hub for technology-based innovation.  We invite your communication: Russ King, (919) 313-3962 or rking@methodsense.com.

TwitterFacebookGoogle+LinkedInEmailPrintFriendlyShare
Filed Under: FDA Regulated, Medical Devices, Pharma/Biotech, Regulatory Tagged With: , , , , ,
«Older Posts
Newer Posts»