Presentation is loading. Please wait.

Presentation is loading. Please wait.

SAFE-BioPharma Digital Identity and Signature Standard and Services

Published byWilfrid Atkinson Modified over 6 years ago

Similar presentations

Presentation on theme: "SAFE-BioPharma Digital Identity and Signature Standard and Services"— Presentation transcript:

1 SAFE-BioPharma Digital Identity and Signature Standard and Services
Abstract Synopsis The SAFE (Signatures and Authentication Everyone) Standard consists of policies, procedures, guidelines, technical specifications, and a legal and liability risk management framework providing an infrastructure for legally enforceable and regulatory compliant electronic identity credentials. These credentials assure identity and can apply the user’s legally binding digital signature across all BioPharmaceutical industry transactions, globally: business-to-business, in-house, business-to-regulatory, and regulator to regulator. Why does the industry need a standard? Beyond the obvious financial pressures of bringing new drugs to market, the industry is also experiencing a fundamental transformation in the way drugs are developed and delivered. Rising R&D costs have moved the industry away from traditional closed systems to integrated, collaborative systems of product development and delivery. The increasing reliance on external partners such as CROs, labs, investigators, and academic institutions to perform clinical trial services and implement proprietary identity assurance utilities requires greater industry cooperation. A higher level of industry cooperation calls for greater information liquidity. Companies have discovered the enormous return on investment they can realize by shifting in-house, business-to-business, and business-to-regulator transactions from paper-based to electronic. Data must be easily and quickly available, yet complaint with legal and regulatory requirements. This requires the use of legally enforceable, verifiable digital signatures and identity assurance mechanisms. Knowing that the identity of a business partner is valid, and that their signature will hold up in a court of law, is at the core of any BioPharmaceutical business transaction and is critical to creating information liquidity. Without an industry-wide trust standard, BioPharmaceutical organizations have developed their own independent identity assurance networks. In order to work together, they must distribute company-specific identities and/or spend time resolving their separate infrastructures. The result? A significant administrative cost to the industry and considerable complexity for external development partners and regulatory agencies. A global standard like SAFE can effectively secure the electronic information exchange process and support the rapid, cost-effective delivery of new medicines. Fed/Ed XVIII Friday, December 12th, 2008

2 SAFE-BioPharma Digital Identity and Signature Standard and Services
Strategic initiative started 11/03 by biopharmaceutical industry to facilitate transformation to fully electronic SAFE-BioPharma Association incorporated May 2005 Member-governed, non-profit collaborative industry org Develop and maintain standard Facilitate adoption Services for Members Outreach to regulators SAFE-BioPharma Bridge Tiered Services Commercial issuers/products Cross Certification with FBCA Pilots; new use cases Best practices; industry sharing

3 SAFE-BioPharma Members
Abbott AstraZeneca* BristolMyers Squibb* Eli Lilly GlaxoSmithKline* J&J* Merck* National Notary Assn. Organon-ScheringPlough* Pfizer* P&G* Roche Sanofi-Aventis* *Board and PAA Members

4 Adobe* Aladdin* Arcot ARX * Gemalto Gemini Security IBM IDBS Microsoft
SAFE Vendor Community SAFE Vendor Partners SAFE Issuers Adobe* Aladdin* Arcot ARX * Gemalto Gemini Security IBM IDBS Microsoft MXI Security* Northrop Grumman nCipher Open Text SAIC Tricipher* Xyzmo* BMS Chosen Security Citibank Verizon Business IdenTrust J&J TransSped *SAFE-BioPharma certified products SAFE-BioPharma Association

5 A Non-Profit, Member-Driven Standards Association
Board of Directors & PAA Gary Secrest, J&J, Chair SAFE Core Team STAFF Cindy Cullen, CTO Jon Schoonmaker, Chief, Ops Rich Furr, Head, Reg Afrs Tanya Newton, Mgr, Reg Afrs John Hendrix, Prog Dir Kevin Chisholm, Exec Asst John Weisberg, PR & Comm Legal, Financial SAIC NGC, Gemini CEO Mollie Shields-Uehling SAFE-BioPharma Member Consortium Working Groups Technology WG Maria Ramos, J&J Keith Respass, Merck SAFE European Union Advisory Group, Cecil Pistre, Sanofi-Aventis Technology WG Business Colleen McMahon, GSK Marilyn Teal, P&G Business WG Implementation AnnaMarie Ahearn, AZ Wei Wang, SA Implementation WG Global Regulatory Tam Woodrum, Pfizer H. Van Leeuwen, Organon Global Regulatory WG

6 The Contract-Based SAFE-BioPharma Standard
Accept digitally signed transactions Agree to limited liability caps Agree to dispute resolution Agree to identity assurance Agree to self-audit & meet SAFE requirements Business Operating Policies Contracts Processes Technical & Identity Certificate Policy (PKI) Specifications Guidelines Identity verification Manage identity life cycle Comply with referenced standards Follow security, audit & control requirements Certification 6

7 High-Level Architecture
7

8 Member Public Key Infrastructure Options
Internal infrastructure Cross certified with SAFE Bridge BMS, J&J – soon others Outsourced infrastructure Cross-certified with SAFE Bridge: Chosen Security Citibank IdenTrust TransSped Verizon Business/Cybertrust SAFE tiered services infrastructure (member-funded) External partners Regulatory uses Healthcare providers Members

9 Options for Flexible Use
Two levels of trust: Basic Assurance for authentication Medium Assurance for trusted identity uniquely linked to digital signature and EU-qualified Three digital signing technologies: Software Hardware (zero footprint now undergoing FIPS certification) Roaming Three identity-proofing options Antecedent – enterprise and on-line Trusted agent Notary – including office/home notary services

10 On-Line Antecedent Data Sources
US only at present – international sources being identified Based on previous F2F; publicly available data Authoritative Antecedent Data sources (e.g., state licensing authorities): DEA Licenses Medical Professional Licenses Physicians & Surgeons Osteopaths Physician Assistants Nursing Pharmacists Among others State Motor Vehicle Records DMV Registrations Property Records Financial/credit records

11 On-Line Antecedent Process
ID Vetting Successful: Applicant Passes 3rd Party Antecedent identity proofing Moved to RA queue for processing and Certificate Issuance steps. It’s a matter of minutes end-to-end. ID Vetting Not Successful: Unable to verify identity via 3rd Party Antecedent Process reverts to Notary Process with two service options: User locates notary RAS/NNA will have a local notary contact the Applicant directly

12 SAFE-BioPharma and Regulators
FDA engagement since inception – helped write standard Familiarization program and compliance matrix FDA Statement acknowledging use of SAFE-BioPharma digital signature as facilitating compliance with 21CFR11 SAFE-BioPharma members have submitted 1,000s of fully electronic submissions since Sept. ‘06 EMEA engagement since inception – helped write standard Evaluation, pilots, electronic submission guidance EMEA will use SAFE-BioPharma as access solution to EudraVigilance data base (~3,000 users) 1Q09 eCTD Pilot

13 SAFE-BioPharma Pilots & Implementations Pilots and Implementations
Organization Pilots and Implementations Abbott ELN Amgen Clinical Research Info Exchange (CRIX); ELN AstraZeneca eSubmissions (US); ELN; Investigator Portal; Global infrastructure BMS ELNs; Promotional material review (EU); eSubmissions; alliances CDC-MedNet-SAFE-SAIC Cross-jurisdictional public health-disease surveillance EMEA EudraVigilance; eCTDs, regulatory submissions GSK eSubmissions, R&D docs; Global infrastructure J&J 90,000+ employees; eSubs; External partners; Records Eli Lilly eSubmissions National Notary Association Digital Notary Signature Pfizer ELNs; eSubmissions; contracts/SOWs; investigator portal P&G ELNs; contracts; HR Group Purchasing Org. Supplier and member contracts Sanofi-Aventis eSubmissions; ELNs; Finance and Purchasing 13

14 The Infrastructure and the Network Are In-Place
Expanded Communities of Trust – 4BF (4 Bridges Forum) for Collaboration Federal Bridge CA ; Certipath (Defense & Aerospace); Higher Education Bridge CA; SAFE-BioPharma CA Raise awareness Drive use of network of interoperable trusted communities CDC Cross-Jurisdictional Public Health Surveillance Pilot MN public health; Duluth hospitals and physicians; CDC Group Purchasing Organizations (GPOs) Hospital systems Suppliers Federation pilot

15 Investigation Portal (Pilot)
Public Health Disease Investigation Portal (Pilot) Local Public Health Officials Alert Notification Alert Subscription/Notification Service Alert Subscription/Notification Service Disease Investigation Service MN NEDSS Notification w/ Lab test results NHIN Gateway Service Clinical Labs ELR System Patient Test Results 11/14/2018 Version 3.0

16 Alert Subscription/Notification Service Authentication Request
Public Health Disease Investigation Portal (Pilot) Alert Subscription/Notification Service Access Portal Local Public Health Officials Single Sign On to portal Disease Investigation Service Submit the case Authentication Request CDC NEDSS Open a Disease Investigation Case SAFE-BioPharma Digital Certificate Clinical Document Review NHIN Gateway Service User Authentication Cross-Gateway Document Query/Retrieval Federated Identity Management System Document Repository CHIC NHIN Gateway HL7 CDA for public health or CCD documents 11/14/2018 Version 3.0

17 Investigation Portal (Pilot)
Public Health Disease Investigation Portal (Pilot) Open-Case Notification Alert Subscription/Notification Service Access Portal State Public Health Officials Single Sign On to portal Disease Investigation Service Submit the case Authentication Request CDC NEDSS SAFE-BioPharma Digital Certificate Review the Disease Investigation Case NHIN Gateway Service User Authentication Federated Identity Management System 11/14/2018 Version 3.0

18 Please visit the SAFE-BioPharma website: http://safe-biopharma.org/
Pfizer’s Implementation of SAFE-BioPharma Digital Signatures in ELNs: AstraZeneca’s Implementation of SAFE-BioPharma for FDA Submissions: Learn more about the SAFE-BioPharma Implementation Toolkit: Watch the SAFE-BioPharma introductory video: Contact us for more information: Mollie Shields Uehling CEO (201) (201) (cell)8621 John Hendrix Program Director (973) 272- Jon Schoonmaker Chief of Operations & Technical Program (301) Cindy Cullen CTO (609) Kevin Chisholm, Admin. (201) Rich Furr Head, Reg. Afrs. (610) Tanya Newton Manager, Reg Afrs (908)

Download ppt "SAFE-BioPharma Digital Identity and Signature Standard and Services"

Similar presentations

National HIT Agenda and HIE - 2007 John W. Loonsk, M.D. Director of Interoperability and Standards Office of the National Coordinator Department of Health.

National HIT Agenda and HIE John W. Loonsk, M.D. Director of Interoperability and Standards Office of the National Coordinator Department of Health.
AFACT eCOO WG interim meeting - Conference Call 1st March of 2011 Mahmood Zargar eCOO Experiences and Standards.

AFACT eCOO WG interim meeting - Conference Call 1st March of 2011 Mahmood Zargar eCOO Experiences and Standards.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
The Federation for Identity and Cross-Credentialing Systems (FiXs) www.FiXs.org FiXs ® - Federated and Secure Identity Management in Operation Implementing.

The Federation for Identity and Cross-Credentialing Systems (FiXs) FiXs ® - Federated and Secure Identity Management in Operation Implementing.
Certificate Interoperability S&I Framework Initiative Final Report August 17, 2011.

Certificate Interoperability S&I Framework Initiative Final Report August 17, 2011.
SAFE-BioPharma: Industry’s Digital Identity and Signature Standard Practical Use Cases Cindy Cullen CTO Oct. 1, 2008.

SAFE-BioPharma: Industry’s Digital Identity and Signature Standard Practical Use Cases Cindy Cullen CTO Oct. 1, 2008.
SAFE Implementation Toolkit How to use it. Implementation toolkit Overview Log-in Contents Search Toolkit Use Log-out.

SAFE Implementation Toolkit How to use it. Implementation toolkit Overview Log-in Contents Search Toolkit Use Log-out.
SAFE BioPharma Association CONFIDENTIAL1 SAFE Public Key Infrastructure (PKI) 2005 EDUCAUSE/Dartmouth PKI Deployment Summit.

SAFE BioPharma Association CONFIDENTIAL1 SAFE Public Key Infrastructure (PKI) 2005 EDUCAUSE/Dartmouth PKI Deployment Summit.
August 2004 Providing Industry-wide Security and Identity Management Solutions.

August 2004 Providing Industry-wide Security and Identity Management Solutions.
The SAFE-BioPharma Identity Proofing Process Author of Record SWG (Digital Credentials) October 3, 2012 Peter Alterman, Ph.D. Chief Operating Officer,

The SAFE-BioPharma Identity Proofing Process Author of Record SWG (Digital Credentials) October 3, 2012 Peter Alterman, Ph.D. Chief Operating Officer,
21 mai 2015 Bridges between Certification Authorities.

21 mai 2015 Bridges between Certification Authorities.
PKI in US Higher Education TAGPMA Meeting, March 2006 Rio De Janeiro, Brazil.

PKI in US Higher Education TAGPMA Meeting, March 2006 Rio De Janeiro, Brazil.
EDUCAUSE Fed/Higher ED PKI Coordination Meeting

EDUCAUSE Fed/Higher ED PKI Coordination Meeting
1 Webinar on: Establishing a Fully Integrated National Food Safety System with Strengthened Inspection, Laboratory and Response Capacity Sponsored by Partnership.

1 Webinar on: Establishing a Fully Integrated National Food Safety System with Strengthened Inspection, Laboratory and Response Capacity Sponsored by Partnership.
SAFE is a member-governed, not-for-profit enterprise that: Manages and promotes the SAFE standard Provides a legal and contractual framework Provides technical.

SAFE is a member-governed, not-for-profit enterprise that: Manages and promotes the SAFE standard Provides a legal and contractual framework Provides technical.
1 Digital Credential for Higher Education John Gardiner 202-973-6618 August 11, 2004.

1 Digital Credential for Higher Education John Gardiner August 11, 2004.
The 4BF The Four Bridges Forum The SAFE-BioPharma Digital Identity and Signature Standard.

The 4BF The Four Bridges Forum The SAFE-BioPharma Digital Identity and Signature Standard.
SAFE-BioPharma Digital Identity and Signature Standard and Services Fed/Ed XVIII Friday, December 12 th, 2008.

SAFE-BioPharma Digital Identity and Signature Standard and Services Fed/Ed XVIII Friday, December 12 th, 2008.
Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.

Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.
Georgia Rural Health Information Technology Conference Healthcare Information Systems Requirements to Achieve Meaningful Use Certification December 10,

Georgia Rural Health Information Technology Conference Healthcare Information Systems Requirements to Achieve Meaningful Use Certification December 10,

Similar presentations

Ads by Google