4-Hour Virtual Seminar

4-Hour Virtual Seminar on Cybersecurity and US FDA Requirements

John E Lincoln Instructor:
John E Lincoln 
4 Hours
Webinar ID: 501299

More Trainings by this Expert

Price Details
Recorded Webinar
$495 One Attendee
$845 Corporate Recorded

Recorded: Access recorded version, only for one participant unlimited viewing for 6 months ( Access information will be emailed 24 hours after the completion of live webinar)

Corporate Recorded: Access recorded version, Any number of participants unlimited viewing for 6 months ( Access information will be emailed 24 hours after the completion of live webinar)


Due to the growth of the cybersecurity threat to electronic records, computer-controlled manufacturing, and medical devices, the US FDA has issued Guidances for Industry, e.g.: 1) "Cybersecurity for Networked Medical Devices Containing Off-the-Shelf (OTS) Software Document", and 2) "Content of Premarket Submissions for Management of Cybersecurity in Medical Devices", and 3) "Postmarket Management of Cybersecurity in Medical Devices" Draft.

This seminar will focus on the key issues raised by the FDA, not just for devices, but expectations for the industry. Cybersecurity in the medical products industry is coming under increased regulatory review. The Agency leaves the how of cybersecurity compliance up to the manufacturer, as long as the principles in the guidances are met in the resulting product and/or system; and on electronic-specific tools/techniques to achieve CGMP compliance.

Updates, upgrades, new revisions/releases, service packs, and similar are automatically uploaded to a company’s systems, which can pose security risks, with the potential for the introduction of compromised code, retrieval of confidential data, data integrity issues, and similar; and render previous computer systems’ verification and validations worthless. The necessary role of the system administrator adds another area of concern. This seminar will consider how cybersecurity is introduced into the CGMPs, design control (21 CFR 820.30) for devices, and post-production by the CAPA system, among others.

Why should you Attend:
Cybersecurity is a recent concern for medical products, due to the increased reliance on electronic software, records and signatures, stand-alone or networked.

Initially, there were regulations such as 21 CFR Part 11 in the U.S. and Annex 11 in Europe. But more must be done to ensure the integrity of CGMP documents/records/data. As a result, the US FDA issued several Guidance Documents on cybersecurity. Regulatory agencies leave the specifics up to the manufacturer, as long as the principles in the guidances are addressed. Related data integrity issues are addressed by the CGMPs, specifically design control (21 CFR 820.30) for devices, and post-production issues by the CAPA (Corrective and Preventive Action) system, among others. The U.S. FDA has increasingly observed CGMP violations involving data integrity and cybersecurity during CGMP compliance inspections and in security breaches related to medical device use. Adding to the problem is BYOD - "Bring Your Own Device"(laptop, tablet, smartphone, or other "smart" device) to the workplace. These growing trends pose problems to the integrity and security of data. The increasing use of cloud (Internet)-based software to accomplish CGMP tasks, store / retrieve data (data warehousing) and similar uses poses additional problems.


  • Cybersecurity, Data Integrity, and the FDA
  • Key Guidance Documents on Cybersecurity
  • FDA’s enforcement approaches
  • Network vulnerabilities issues
  • Cloud, updates and other concerns
  • FDA’s regulatory approach; Examples
  • Design, security tools, and other requirements
  • NIST and related cybersecurity considerations
  • Verification, validation, and unique documentation requirements

Who Will Benefit:
  • Senior Management in Devices, Combination Products
  • QA / RA
  • Software Development, Programming, Documentation, and Testing Teams
  • R&D
  • Engineering
  • Production
  • Operations
  • Marketing
  • Consultants; others tasked with the product, Process, Electronic Records software V&V Responsibilities

Speaker Profile
John E. Lincoln is a medical device and regulatory affairs consultant. He has helped companies to implement or modify their GMP systems and procedures, product risk management, U.S. FDA responses. In addition, he has successfully designed, written and run all types of process, equipment and software qualifications/validations, which have passed FDA audit or submission scrutiny, and described in peer-reviewed technical articles, and workshops, world wide.

John has also managed pilot production, regulatory affairs, product development/design control, 510(k) submissions, risk management per ISO 14971, and projects; with over 28 years of experience in the FDA-regulated medical products industry - working with start-ups to Fortune 100 companies, including Abbott Laboratories, Hospira, Tyco/Mallinckrodt. He is a graduate of UCLA.

You Recently Viewed

Subscribe to our Newsletter

Subscribe for Compliance Alerts Research Reports Absolutely Free