Enabling Security & Privacy in Digital Health
Strategic & tactical medical device cybersecurity, risk management, privacy, SaMD/SiMD regulatory compliance consulting.
Our Services
Medical Device Cybersecurity Management
Medical Device Cybersecurity Management
Medical Device Cybersecurity Management
We can implement a total product life cycle (TPLC) program where medical device cybersecurity risk is evaluated and mitigated in the design, manufacturing, testing, and post-market monitoring activities.
Does your device meet the expected documentation regarding cybersecurity?
SaMD Development & Commercialization
Medical Device Cybersecurity Management
Medical Device Cybersecurity Management
Software is becoming increasingly important in medical devices. In addition, it is becoming more and more important as a medical device in its own right. Now, considering the ability of such software to perform tasks
that normally require human intelligence renders the SaMD as an Artificial Intelligence/Machine Learning SaMD.
Can your product development practices support the submission, approval, and commercialization of your SaMD?
Privacy and Data Governance
Medical Device Cybersecurity Management
Software Validation & Data Integrity
Is your organization ready for GDPR? How about CCPA? Do you have an overarching approach for Data Governance? Can you continually ensure Data Integrity?
These are some of the "hot" areas in Privacy right now.
The GDPR fines continue to amass; action is necessary.
Software Validation & Data Integrity
Medical Device Cybersecurity & Privacy Education & Training
Software Validation & Data Integrity
Cybersecurity Management
Medical Device Cybersecurity & Privacy Education & Training
Medical Device Cybersecurity & Privacy Education & Training
In today’s heightened cyber threat environment, have you:
identified systems, users, data, applications, and entities on the network, including connected medical devices; identified and managed vulnerabilities in enterprise components and patients.
If not, we can help.
Medical Device Cybersecurity & Privacy Education & Training
Medical Device Cybersecurity & Privacy Education & Training
Medical Device Cybersecurity & Privacy Education & Training
We have conducted numerous cybersecurity management education and awareness sessions.
It is vitally important to instill "Cyber Hygiene" from the top down. Whether teaching the fundamentals or collaborating on improving technical posture, we can be there to deliver awareness and demystify cybersecurity.
There are several other topics that can be delivered on-site or remotely.
Custom-training and education to fit any size, or complexity of an organization.
Regulatory Compliance
Regulatory Compliance
Regulatory Compliance
The rapid development and constantly changing landscape in our industry, coupled with ongoing changes in compliance regulations, here and abroad, it is of the utmost importance for a company to have an effective strategy and team to achieve such compliance. The expanding regulatory forces demand that leaders can develop practical and effective solutions for meeting the challenges of integrating Research, Manufacturing and Commercialization, while properly integrating culture, process and technology to address current and emerging requirements and performance expectations.
Developing, implementing and maintaining compliance standards requires the visionary leadership and seasoned experience and must go beyond the systems; it is vital in building a collaborative internal culture.
Let us help instill the “right-the-first-time” mentality and continuous improvement throughout your organization.
Design Controls
Regulatory Compliance
Regulatory Compliance
Design Controls is a recognized product development approach based on regulations from both the FDA and the international community.
It’s a methodology born out of the Medical Device industry, however, its approach can be successfully applied to any other industry with the advantage of improved Quality by Design.
Successful implementation of Design Controls employs a priority on upfront planning and a perpetual focus on the needs of the customer. Too often we’re excited to design new features that we think are cool, with less regard for its value to the customer. Too often we like to perfect designs, which often delay product launches, whereas the customer doesn’t ask for perfection. They ask for a good product sooner.
Another key component of Design Controls is the discipline to thoroughly test designs prior to releasing them in production. Too often we’re so confident in our designs that we rush things into manufacturing in order to meet a deadline, only to find surprises later on. Ensuring with objective evidence that a product works as intended helps to catch problems earlier and minimize surprises later.
This is what we do.
Risk Management
Regulatory Compliance
Risk Management
Risk Management is a methodology for evaluating risks that may currently exist, putting controls in place to mitigate those risks, and re-assessing any residual risk for acceptability. The latter is an ongoing process that is perpetually updated with currently available information.
Risk Management can take on many forms, however, the scope here excludes overall project or business risks and is limited to technical risks associated with product safety and efficacy. The broadly recognized approach is based on the ISO 14971 regulation, born out of the Medical Device industry, however, its approach can be successfully applied to any other industry with the advantage of improved Quality by Design.
Successful implementation of Risk Management employs a priority of up-front assessments from a variety of perspectives as seen by the user(s), designers, and manufacturers. Too often we’re enthusiastically racing through a first design and into the lab to make the first prototype, without taking a few minutes to consider what could go wrong. Taking those few minutes (or a bit longer depending on the complexity of the product) is far less fun, but it can yield some surprisingly beneficial revelations regarding what could go wrong. And it really need not take that much time. This approach keeps the focus on the customer’s safety and satisfaction. It focuses our design effort to guard against the really big gaffs.
The overall process is straightforward and disciplined, and it begins by identifying any and all sorts of potential Hazards and Harms associated with the product and its functionality. What could go wrong and how harmful would it be? From there we judge how serious (AKA Severity) the harm could be. Importantly the severity of these harms cannot be affected whatsoever by our design. What we do have control over however is the likelihood of the harm to occur with our design and how easily we may be able to detect a flaw prior to a harm occurring.
It may not be as much fun, but wouldn’t it be powerful to sit down at the CAD terminal or walk into the lab armed with this knowledge?
This is what we do.