Medical Device Software – Cybersecurity vs Interoperability under the FDA


Cybersecurity and interoperability, or the lack of it, create two major problems for software users in the device industry and in the healthcare information system in general. Both problems generate anxiety and frustration for manufacturers, healthcare providers, users, and customers/patients. Neither of these problems will be going away, at least in our lifetime. The federal government has put forth an initiative to mitigate these ever present and pervasive problems. The President issued an Executive Order, 13691, released on February 13, 2015, to establish an Information Sharing Analysis Organization (ISAO) to provide a forum for sharing experience and strategy about cybersecurity risk mitigation. The FDA’s draft guidance for the “Postmarket Management of Cybersecurity in Medical Devices” (Issued January 2016) indicates that the development and participation in the ISAO means cybersecurity routine updates do not need to be reported under the FDA’s “Corrections and Removals” regulation. (21 C.F.R. Part 806) Typically such updates and patches are treated as recalls by the FDA because of the impact on labeling, instructions for use and training. This regulatory relief reduces paperwork, the costs associated with it and reduces your paperwork and regulatory risks under that regulation.

In concert with an industrywide effort to manage cybersecurity issues, The HHS Office of the National Coordinator (ONC) and FDA have partnered with the National Institute of Standards and Technology (NIST) to offer technical guidance on cybersecurity management and the implementation of open standards for interoperability. The lack of interoperability is a major cost factor for health care, those kinds of costs can be reduced and software users can use software systems with a greater assurance of functionality.

One major drawback is the fear that industry has about participating in open programming/standards for the purpose of increasing interoperability and the fear of giving away proprietary programs, especially those associated with cybersecurity. They seem inherently irreconcilable. The webinar will address how the federal government (HHS/FDA/NIST) is creating a way to create a mutually beneficial consortium to share information and experience concerning interoperability and cybersecurity. There is an immediate benefit to industry with FDA’s regulatory relief from required reporting. There is an associated value in providing your customers and users an added level of assurance that your software product can be included in a network rather than end up being a white elephant in the room that is incompatible with its peers.

Areas Covered in the Session :

  • FDA Guidance and Strategy
    • Industrywide approach
    • Regulatory relief from required reports
  • HHS/Office of the National Coordinator
    • Management of Health Information
  • National Institute of Standards and Technology
    • Cybersecurity guidelines
    • Interoperability guidelines
  • Business risks vs. benefits for application interface programs (AIP)
  • Enterprise systems and networks
  • FBI warning to the medical device industry

Who Will Benefit:

  • Regulatory Affairs Departments
  • Quality Assurance Departments
  • Software Design Engineers
  • Manufacturing Departments
  • Compliance Departments
  • Hospital Risk Departments
  • Software Program Marketers
  • IT Security Departments
  • Marketing Managers
  • Home Healthcare Services
  • Healthcare Information Protection
  • Capital Venture Firms
  • Medical Device Consultants

Casper E. Uldriks

Casper (Cap) Uldriks brings over 32 years of experience from the FDA. He specialized in the FDA’s medical device program as a field investigator, served as a senior manager in the Office of Compliance and as an Associate Center Director for the Center for Devices and Radiological Health. He developed enforcement actions and participated in the implementation of new statutory requirements. He is recognized as an exceptional and energetic speaker. His comments are candid, straightforward and of practical value. He understands how FDA thinks, operates and where it is headed. Cap is the President of Encore Insight LLC, a consulting and training service for FDA law and operations.

  Go PRIME   🛈 $ 240 SELECT
  Personal Plan 🛈 $ 3000 SELECT
  Business Plan 🛈 $ 9000 SELECT

  • Login Information with Password to join the session, 24 hours prior to the webinar
  • Presentation Handout in .pdf format
  • Presentation from the Speaker
  • Feedback form
  • Certificate of Attendance
  • Recording access Information with Password to view the webinar, will be sent 24 hours after the completion of the Live webinar.
  • Presentation Handout in .pdf format
  • Certificate of Attendance