BSides Las Vegas 2015 Tuesday, August 4, 2015. Medical Overview Many, many stakeholders Diversity of devices, from swallowable pills to enormous radiological.

Slides:



Advertisements
Similar presentations
SAFE AND WELL Angela McKinnon Feb What is Safe and Well? A document building on previous guidance - part of the SE reform programme Supplement.
Advertisements

Richard Hibbert RSRL Quality, Assessment and Management Systems Manager Process management Requirements in IAEA Standards and Guides.
The Building Blocks of Public Involvement Presented By Kevin E. Davis Environmental Supervisor ODOT Office Of Environmental Services The Ohio Planning.
Being Open Suzette Woodward Director of Patient Safety Strategy NPSA July 2008.
National Cyber Security and Information (Cyber) Security Awareness Prof SH (Basie) von Solms Immediate Past President : IFIP University of Johannesburg.
Interstate Natural Gas Association of America INGAA Action Plan to Build Confidence in Pipeline Safety INGAA Integrity Management Continuous Improvement.
1 Federal Communications Commission Public Safety and Homeland Security Bureau NARUC Summer Committee Meetings Dallas, Texas July 13, 2014 Clete D. Johnson.
Industrial Railways: An Emerging Sector Presentation to the Industrial Railway Safety Conference Michael Bourque President and C.E.O. of the Railway Association.
NIS Directive and NIS Platform
CADTH – CNESH Panel Presentation Representing Canada’s Medical Technology Industry April 13 th, 2015 Alison Drinkwater: Director of Public Affairs Baxter.
Techuk.org |#techuk Introducing techUK Volcrowe/ Nemode Workshop. 22/4/15.
CDRH Software Regulation
LIMITLESS POTENTIAL | LIMITLESS OPPORTUNITIES | LIMITLESS IMPACT Copyright University of Reading IMPACT AND THE SCIENCES Anthony Atkin (Research Impact.
Introduction to Standard 2: Partnering with consumers Advice Centre Network Meeting Nicola Dunbar October 2012.
A Case Study of the City of Toronto Focus on Government Security - June 19, 2013.
Giandonato CAGGIANO ENISA MANAGEMENT BOARD REPRESENTATIVE LEGAL ADVISER ON EUROPEAN AFFAIRS OF THE MINISTRY OF COMMUNICATIONS U. OF ROMA TRE LAW FACULTY.
National Standards for Safer Better Healthcare
Skills Development Workshop The Castle, Kyalami 26 th February 2007.
The standard setting programme of the GPhC Priya Sejpal.
BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.
National Broadband Plan APCO International 75 th Annual Conference and Exposition August 16-20, 2009 Las Vegas, NV Jennifer Manner, Deputy Bureau Chief,
APPROVED JULY 2014 GACAG Overview APPROVED JULY 2014 Role of GACAG GACAG Overview Priorities and position statements GACAG Priorities GACAG's.
Guidance for AONB Partnership Members Welsh Member Training January 26/
MARPA and You Working Together to Make PMA Successful March 31, 2011 Gorham Conference 1 Modification and Replacement Parts Association (MARPA)
BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT
Health and Safety Executive EMF Directive: Working towards transposition HSE Radiation Policy Team.
Critical Infrastructure Protection: Program Overview
1 Awareness raising CAS september  PSC  Status of the work in the Strategy Project Team  CAS  Status of the work in CAS 2 Awareness raising.
Adaptation knowledge needs and response under the UNFCCC process Adaptation Knowledge Day V Session 1: Knowledge Gaps Bonn, Germany 09 June 2014 Rojina.
2015 Safety Action Plan & Regulatory Strategy California Public Utilities Commission January 29, 2015.
Committed to Connecting the World International Telecommunication Union Presentation Brief about ICTs Applications activities Telecommunication Development.
Jerry Cochran Principal Security Strategist Trustworthy Computing Group Microsoft Corporation.
FDA Public Meeting on Electronic Records and Signatures June 11, 2004 Presentation of the Industry Coalition on 21CFR Part 11 Alan Goldhammer, PhD Chair.
Seeking a National Standard for Security: Developing a Systematic Crosswalk of the Final HIPAA Security Rule, the NIST SP , NIST SP Security.
INotice Coordinator Briefing 1. Welcome to iNotice Coordinator Briefing Heightened awareness of safe medication management for aged care community workers.
The NMC strategy and its alignment with the education strategy Anne Trotter Assistant Director, Education and QA 16 October 2014.
Page 1 Strategic Foresight Initiative Summary Briefing Emergency Management Higher Education Conference June 6, :30 – 11:30 am.
SAMI & IMCA MARITIME CYBER SECURITY WORKSHOP
VA Indian Health Service BCMA Effort Chris L. Tucker Director, Bar Code Resource Office VHA OIA, Health Informatics.
Nanotechnology - USDA - 18 Nov 2002 REGULATORY CONSIDERATIONS FOR NANOTECHNOLOGY IN PUBLIC HEALTH FOOD AND DRUG ADMINISTRATION Norris E. Alderson, Ph.D.
1 Update from the ANSI Homeland Security Standards Panel (HSSP) Presented by Karen Hughes Director, Homeland Security Standards American National Standards.
Northern Health Strategic Plan – 2009 to Slogan “The Northern way of caring”
PERSPECTIVES FROM THE OECD ROLF ALTER DIRECTOR FOR PUBLIC GOVERNANCE AND TERRITORIAL DEVELOPMENT OECD Key Challenges in Public Procurement 3 rd Annual.
Agency for Healthcare Research and Quality Advancing Excellence in Health Care The “Centers for Education & Research on Therapeutics” (CERTs)
Research in the Office of Vaccines Research and Review: Vision and Overview Jesse Goodman, M.D., M.P.H. Director, Center for Biologics Evaluation and Research.
Induction toolkit 2. WHAT DOES MY TRUST LOOK LIKE? © GovernWell
Research in the Office of Cellular, Tissue and Gene Therapies: Vision and Overview Jesse Goodman, M.D., M.P.H. Director, Center for Biologics Evaluation.
Component 1: Introduction to Health Care and Public Health in the U.S. 1.9: Unit 9: The evolution and reform of healthcare in the US 1.9c: Quality Indicators.
Responsive Innovation for Disaster Mitigation Gordon A. Gow University of Alberta.
Revision N° 11ICAO Safety Management Systems (SMS) Course01/01/08 Module N° 9 – SMS operation.
WHAT IS CONSIDERED CONFIDENTIAL PATIENT INFORMATION? Information that is not publically available that has been disclosed in confidence between a patient.
MISSION To promote excellence in nursing through transformational leadership in New York State VISION To be recognized as a catalyst for collaborative.
© 2011 Underwriters Laboratories Inc. Conformity Assessment Best Practices and Advancing GRP in EAC: The Value of Public-Private Partnerships EAC Workshop.
Safety Management Systems Session Four Safety Promotion APTA Webinar June 9, 2016.
UNCLASSIFIED Homeland Security 2016 TRB Annual Meeting Cyber Risk Management CAPT Verne Gifford (CG-5PC) 1.
1 MEDICAL DEVICE CYBERSECURITY: FDA PERSPECTIVE SUZANNE B. SCHWARTZ, MD, MBA ASSOCIATE DIRECTOR FOR SCIENCE & STRATEGIC PARTNERSHIPS OFFICE OF THE CENTER.
MEM Cybersecurity Working Group Update to PCD Technical Committee
Iowa Communications Alliance
Security Research Institute
MEM Cybersecurity Working Group Update to PCD Technical Committee
Medical Device Cybersecurity Legislative Activities - Overview
CDRH 2010 Strategic Priorities
The National Network of
Next Generation 911: Making it Happen NOW!
Tobey Clark, Director*, Burlington USA
digital FDA Bakul Patel
Connected HealthCare.
Presentation transcript:

BSides Las Vegas 2015 Tuesday, August 4, 2015

Medical Overview Many, many stakeholders Diversity of devices, from swallowable pills to enormous radiological devices. Something that affects nearly all of us. Many researchers are also patients of these treatments. So it’s very visceral, and easy to demonstrate why it matters. One of the most critical single stakeholders is the FDA.

Introducing the FDA Suzanne Schwartz Director Emergency Preparedness/Operations & Medical Countermeasures (EMCM)

4 FDA Organization

The products we regulate… 5

CDRH/FDA Goals Meet our mission: safe and effective devices Raise cyber-security awareness leverage knowledge from other industry sectors Promote safety and security by design by clear regulatory expectation Promote coordinated vulnerability disclosure & proactive vulnerability management Minimize reactive approaches Foster ‘whole of community’ approach 6

Key Takeaways FDA seeks to foster a ‘whole of community’ approach That means security researchers play an important role! Establish a Cybersecurity Risk Management Program Make cyber hygiene paramount Create a trusted environment for information sharing Software updates for cybersecurity do not require pre-market review or recall (there are some exceptions) Slide 7

Atlantic Council workshop and paper 1 FDA Pre-Market Guidance and Workshop 2 IEEE Workshop Embraced by healthcare community conferences Atlantic Council Cyber Wednesday 3 Vulnerability Disclosure Policies Vulnerability Disclosure Brainstorming and Education with FDA Safety Communications BEFORE evidence of harm Highlights from the past year

Atlantic Council workshop and paper 1 FDA Pre-Market Guidance and Workshop 2 IEEE Workshop Embraced by healthcare community conferences Atlantic Council Cyber Wednesday 3 Vulnerability Disclosure Policies Vulnerability Disclosure Brainstorming and Education with FDA Safety Communications BEFORE evidence of harm With FDA as a key partner

Coming Connected Medical Device Procurement Guide Hippocratic Oath for Connected Medical Devices D0 N0 H4rm

Q&A