ARTICLES BY JOHN GIANTSIDIS

• Secure By Design And Default: Compliant Medical Device Development

  1/8/2024

  The Cybersecurity and Infrastructure Security Agency, National Security Agency, FBI, and international partners issued recommendations for tech manufacturers to ensure product security and, thereby, assist medical device designers and manufacturers in meeting the quality system cybersecurity considerations mandated by the FDA. 

• FDA’s Grace Period For Medical Device Cybersecurity Is Over. Are You Ready?

  9/18/2023

  The FDA had established a grace period for all medical device manufacturers to ensure that you are incorporating cybersecurity during the design and validation of cyber devices. The end date of the grace period, and the seminal date in medical device cybersecurity enforcement, is Oct. 1, 2023. Are you prepared?

• Medical Device QMS Cybersecurity: Threat Modeling

  2/17/2023

  The FDA considers threat modeling fundamental in your premarket submission and expects you to include system level risks in its creation and deployment. But how do we go about threat modeling for our device? And how do we build the requisite QMS infrastructure and processes? This article shares a four-step strategy.

• New EU Directive Marks Cybersecurity Regulatory Paradigm Shift For Bio/Pharma & Medical Devices

  2/15/2023

  The EU's new Directive 2022/2555 on the Security of Network and Information Systems (“NIS2”) mandates cybersecurity risk management measures and reporting requirements for all segments of our industry, including labs; CROs and CDMOs; and manufacturers of APIs, bio/pharmaceuticals, and medical devices.

• FDA Vs. Congress: The Software Showdown

  11/14/2022

  September 2022 will be remembered as a seminal turning point in digital health in the U.S. With the FDA’s final guidance on Clinical Decision Support (CDS) software, the FDA disregards a Congressional directive when it enacted the 21st Century Cures Act in 2016. 

• cGMPs For SaMDs

  8/23/2022

  Unlike traditional medical devices, software as a medical device (SaMD) can blur the lines between the design and development stages and the production aspect of commercialization. So, what are the activities necessary for medtech manufacturers to be compliant with the traditional cGMP framework?

• FDA Releases Guidance On Cybersecurity In Medical Devices

  5/31/2022

  The digital revolution that resulted in the IoT, IoMT, SaMD, and connected devices comes with the possibility of cyberattacks. The FDA's latest efforts to enhance medical device cybersecurity include a new draft guidance (covered in this article) and bipartisan congressional support of the PATCH Act of 2022 (which will be covered in a future article).

• FDA Releases Guidance On Digital Health Data Acquisition In Clinical Investigations

  3/8/2022

  Increasingly, digital health technologies are becoming part of the conduct of clinical trials. They cover a broad range of applications, including ingestible and implantable sensors, wearables, electronic signatures on consent forms, and more. This article summarizes the key takeaways of the FDA's new draft guidance, Digital Health Technologies for Remote Data Acquisition in Clinical Investigations. The public comment period ends March 22, 2022.

• The Clinical Trial Sponsor’s Roadmap To Avoid EMA (Cyber) Perdition

  3/1/2022

  Clinical trials are one of the sectors most vulnerable to cyberattacks. In the European Medicines Agency (EMA)'s Guideline on computerized systems and electronic data in clinical trials, the EMA goes beyond the traditional software validation and data integrity expectations. It sets requirements and expectations pertaining to user management and ongoing security measures.

• Digital Health Apps & SaMD: Incorporating Privacy In Design & Development

  9/1/2021

  Some digital health apps are regulated by the FDA and other regulatory bodies, and some are not. But all software as a medical device (SaMD) and digital health apps have a common expectation: privacy. This article delves into the related regulations and how to go about developing your app or SaMD using the 7 principles of privacy by design.