Cybersecurity and US FDA Requirements

Speaker

Instructor: John E Lincoln
Product ID: 706716
Training Level: Intermediate

Location
  • Duration: 60 Min
Cybersecurity is the art of protecting networks, devices, and data from unauthorized access or criminal use. It is the practice of ensuring confidentiality, integrity, and availability of information.
RECORDED TRAINING
Last Recorded Date: Jun-2021

 

$299.00
1 Person Unlimited viewing for 6 month info Recorded Link and Ref. material will be available in My CO Section
(For multiple locations contact Customer Care)

$399.00
1 USB is for usage in one location only. info CD/USB and Ref. material will be shipped within 15 business days
(For multiple locations contact Customer Care)

 

 

Customer Care

Fax: +1-650-362-2367

Email: [email protected]

Read Frequently Asked Questions

Why Should You Attend:

Cybersecurity is the preventing the theft / modification of e-records by unauthorized access. A growing concern for all – legal, financial, consumer, personal, and the FDA. It's a recent concern for the medical products industries, a result of their increased reliance on networked electronic software, records and signatures.

There are regulations such as 21 CFR Part 11 in the U.S. and Annex 11 in Europe. But they are insufficient to prevent this growing threat. The FDA and news media have emphasized the prevalence of cybersecurity issues, such as data / identity theft, and hacking which pose hazards to many activities and businesses / industries. The US also has the Health Insurance Portability and Accountability Act of 1996 (HIPAA) requirements for patient data protections. The EU has the new, tough General Data Protection Regulation (GDPR), as of May 2018.

So, cybersecurity is an issue that will only increase over time, as records become more electronic, and communications are more networked or accessible to outsiders / hackers. As a result the FDA has mandated further requirements to be taken by regulated industries to better control this threat, in validations, CGMP documentation, submissions to the Agency.

Due to the growth of the cybersecurity threat to electronic records, computer-controlled manufacturing, and medical devices, the US FDA has issued Guidances for Industry, e.g.: 1) “Cybersecurity for Networked Medical Devices Containing Off-the-Shelf (OTS) Software Document”, and 2) “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices”, and 3) “Post market Management of Cybersecurity in Medical Devices” -- Draft.

This webinar will focus on the key issues raised by the FDA, not just for devices, but expectations for industry. Cybersecurity in the medical products industries is coming under increased regulatory review. The Agency leaves the how of cybersecurity compliance up to the manufacturer, as long as the principles in the guidances are met in the resulting product and/or system; and on electronic-specific tools / techniques to achieve CGMP compliance.

Updates, upgrades, new revisions / releases, service packs, and similar are automatically uploaded to a company’s systems, which can pose security risks, with the potential for introduction of compromised code, retrieval of confidential data, data integrity issues, and similar; and render previous computer systems’ verification and validations worthless. The necessary role of the system administrator adds another area of concern.

This webinar will consider how cybersecurity is introduced into the CGMPs, design control (21 CFR 820.30) for devices, and post-production by the CAPA system, among others.

Areas Covered in the Webinar:

  • Cybersecurity and the FDA
  • Key Guidance Documents on Cybersecurity
  • FDA’s enforcement approaches
  • Network vulnerabilities issues
  • Cloud, updates and other concerns
  • FDA’s regulatory approach; Examples
  • Design, security tools and other requirements
  • Validation and unique documentation requirements

Who Will Benefit:

  • Senior management in Devices, Combination Products
  • QA / RA
  • Software development, programming, documentation, testing teams
  • R&D
  • Engineering
  • Production
  • Operations
  • Marketing
  • Consultants; others tasked with product, process, electronic records software V&V responsibilities
Instructor Profile:
John E Lincoln

John E Lincoln
Principal, J E Lincoln and Associates

John E. Lincoln, is Principal of J. E. Lincoln and Associates LLC, a consulting company with over 36 years’ experience in U.S. FDA-regulated industries, 22 as a full-time consultant. John has worked with companies from start-up to Fortune 100, in the U.S., Mexico, Canada, France, Germany, Sweden, China and Taiwan. He specializes in quality assurance, regulatory affairs, QMS problem remediation and FDA responses, new / changed product 510(k)s, process / product / equipment including QMS and software validations, ISO 14971 product risk management files / reports, Design Control / Design History Files, Technical Files. He's held positions in Manufacturing Engineering, QA, QAE, Regulatory Affairs, to the level of Director and VP (R&D). In addition, John has prior experience in military, government, electronics, and aerospace. He has published numerous articles in peer reviewed journals, conducted workshops and webinars worldwide on CAPA, 510(k)s, risk analysis / management, FDA / GMP audits, validation, root cause analysis, and others. John is a graduate of UCLA.

Frequently Asked Questions:

  1. You specifically called out the System Administrator as a key person with access to systems. Can you differentiate if you mean this for the IT systems of the medical device vendor used for daily operation or for the medical device in a hospital?
  2. What are the cybersecurity reference to a guidance or similar.
  3. Can you explain where the FDA mandates annual cybersecurity training?
  4. What is the most important part of the secure software development lifecycle that the FDA focuses on?
  5. How important is 3rd party penetration testing of new products?
Follow us :

 

 

Refund Policy

Registrants may cancel up to two working days prior to the course start date and will receive a letter of credit to be used towards a future course up to one year from date of issuance. ComplianceOnline would process/provide refund if the Live Webinar has been cancelled. The attendee could choose between the recorded version of the webinar or refund for any cancelled webinar. Refunds will not be given to participants who do not show up for the webinar. On-Demand Recordings can be requested in exchange. Webinar may be cancelled due to lack of enrolment or unavoidable factors. Registrants will be notified 24hours in advance if a cancellation occurs. Substitutions can happen any time.If you have any concern about the content of the webinar and not satisfied please contact us at below email or by call mentioning your feedback for resolution of the matter. We respect feedback/opinions of our customers which enables us to improve our products and services. To contact us please email [email protected] call +1-888-717-2436 (Toll Free).

 

 

+1-888-717-2436

6201 America Center Drive Suite 240, San Jose, CA 95002, USA

Follow Us

facebook twitter linkedin youtube

 

Copyright © 2021 ComplianceOnline.com MetricStream
Our Policies: Terms of use | Privacy

PAYMENT METHOD: 100% Secure Transaction

payment method