Cybersecurity Unauthorized

12.0
RAC Credits
Wednesday, 17 March 2021 (9:00 AM) - Thursday, 18 March 2021 (5:00 PM) Eastern Time (US & Canada)
Cybersecurity has proven to be a challenge not only with regard to ensuring the security of medical devices, but also preparing documents for regulatory submissions. Health authorities in many regions, including the US, Australia, Canada, and Japan, have released new cybersecurity guidance documents. In addition to premarket concerns, some of these guidance documents also include expectations for postmarket expectations.

Medical device companies struggle to build security programs into quality systems that were likely not designed to address typical security issues such as hardening, vulnerability management, and global incident response.

This workshop will help regulatory and quality professionals develop the knowledge they need to help steer their organizations in the right direction when it comes to global cybersecurity expectations. Technical staff will benefit from better understanding of how to translate regulatory expectations into concrete design and development activities. Organizational leaders will gain strategic knowledge that will increase the likelihood of successful submissions and help establish trust with customers who have concerns about risks related to medical devices on their networks.

Pricing Amounts & Deadlines

22 December 2020 – 17 February 2021: Early Bird $800 Member | $900 Nonmember
18 February 2021 – 16 March 2021: Regular $900 Member | $1000 Nonmember

Objectives

After this program, participants will be able to:
• Better understand international regulatory expectations for medical device cybersecurity
• Learn the main components of a product security program aligned with global expectations
• Understand how to use pre-submissions to reduce the likelihood of cybersecurity-related deficiencies
• Build more successful regulatory submissions

Who Should Attend?

This workshop will help regulatory and quality professionals develop the knowledge they need to help steer their organizations in the right direction when it comes to global cybersecurity expectations. Technical staff will benefit from better understanding of how to translate regulatory expectations into concrete design and development activities. Organizational leaders will gain strategic knowledge that will increase the likelihood of successful submissions and help establish trust with customers who have concerns about risks related to medical devices on their networks.

Agenda

I. The challenge of security: What makes this issue unique?
II. Introduction to global regulatory expectations
a. US, Canada, EU, Australia, China, Japan, France, Germany, IMDRF, etc.
b. Breakout: plan your submission from a given country
III. Security vs privacy: understanding the relationship and uniqueness
IV. Pre-submission strategies for successful cyber submission
V. Submission strategies: What to include and what to leave out
VI. Lessons learned: What regulators would like you to know about your submission
VII. Cybersecurity standards: not your typical approach
VIII. Product security programs: the 7 pillars
a. Governance
b. Design and testing
c. Risk management
d. Labeling and communication
e. Vulnerability management
f. Incident response
i. Breakout: tabletop exercise: “You’ve been hacked! Now what?”
g. Supply chain
IX. Musical chairs: Who’s typically responsible for different aspects of a security program?

Speaker(s)


Michelle Jump, Global Regulatory Advisor, Medical Device Cybersecurity, MedSec 
Michelle Jump is the Global Regulatory Advisor, Medical Device Cybersecurity at MedSec, where she is responsible for providing strategic leadership, training and advisory services to the medical device industry in the area of cybersecurity compliance, global regulations, standards, product security program development, and security risk management.  


Suzanne B. Schwartz, MD, MBA, Director, Office of Strategic Partnerships and Technology Innovation, Center for Devices and Radiological Health (CDRH), FDA 
Suzanne B. Schwartz, MD, MBA is the Director of the Office of Strategic Partnerships and Technology Innovation (OST) at FDA’s Center for Devices & Radiological Health (CDRH).   Suzanne’s work in medical device cybersecurity includes raising awareness, educating, outreach, partnering and coalition-building within the Healthcare and Public Health Sector (HPH) as well as fostering collaborations across other government agencies and the private sector. Suzanne has been recognized for Excellence in Innovation at FDA’s Women’s History Month for her work in Medical Device Cybersecurity.


Cancellation Policy

RAPS reserves the right to cancel this program at its sole discretion. RAPS will not be responsible for travel or other costs incurred due to cancellation.

All cancellation requests must be submitted in writing via our online cancellation form. RAPS is unable to accept cancellations by phone. Please specify the name of the person registered and event title.

Substitutions may be accepted with written approval from RAPS and must be submitted to raps@raps.org.

If you have questions or concerns, please contact RAPS customer service at +1 301 770 2920, ext. 200, or via email at raps@raps.org