Digital Health & Pharma

Digital technologies are integral to daily life and there is immense scope for use of digital health solutions and automation. While these new fields of application bring benefit they are also bringing new challenges.

Cyber security of patient data, operational safety and security of critical automated and connected devices, the safety, fairness, neutrality of artifical intelligence based system are paramount to the success of those application and systems.

CertX may help you in assessing and mitigation those risk in pharmaceuticals, critical medical devies incl. AI and S/W applications.

Pharmaceuticals

CODEMA Protocols

With increasing complexity of materials, equipment and services used in pharmaceutical industry it is becoming more and more difficult to control the quality of suppliers and their products using solely in house resources. On the other hand, advent of personalized medicines presents neverbefore seen challenges equipment is used that was never designed to fulfill GxP requirements (vide case of CAR-T therapies).

The CODEMA protocols developed by its experts together with the University of Applied Sciences and Arts of Southern Switzerland (SUPSI) offer a proprietary evaluation and certification protocols for blockchain and cloud services to evaluate it against compliance and best practices:

 

  • Evaluation of Blockchain technologies being used – Codema RP 2100
  • Evaluation of cloud services – Infrastructure as a service Codema RP 2200/1
  • Evaluation of cloud services – Platform as a service Codema RP 2200/2
  • Evaluation of cloud services – Software as a service Codema RP 2200/3

We offer the for each protocol 2 different levels of assessment:

  1. Pre-evaluation: This is based on a self assessment being evaluated by our experts and a report defining areas of compliance and non-complianecs (if any) as well as recommendations.
  2. Full and extensive evaluation (after stage 1 completed): Our expert will run through the protocol in an audit (on-site or remote) to evaluate independently the implementation of the protocol. as a result you will receive a full report of the evaluation and in case of no open non-conformities.

Stage 1 can done independently if later on stage 2 is requested or not.

 

In case of further details or a quote requested, please contact us via the project request frm below.

For a quotation for stage 2 we would need the number of employees and number of different sites, which you may specifiy in the request description.

 

Ihre Projektanfrage - kontaktieren Sie uns

Bitte füllen Sie das untenstehende Formular für jede Anfrage aus. Lassen Sie die Felder leer, wenn Sie sich nicht sicher sind oder die Informationen nicht angeben können. Wir werden uns gerne mit Ihnen in Verbindung setzen und die notwendigen Informationen in einem Telefonat oder einer Videokonferenz herausfinden.

    Um Sie mit dem richtigen Experten in Kontakt zu bringen, können Sie die Dienstleistung oder das Anliegen weiter spezifizieren. Falls Sie sich nicht sicher sind, lassen Sie es bitte offen, wir werden Sie in Kürze kontaktieren.


    Anhänge wie Projektdokumente oder andere relevante Informationen, falls dies als nützlich erachtet wird.
    (Dateityp: pdf, docx, doc, xls, xlsx, ppt, pptx / Größenbegrenzung: 20 MB)


    Haftungsausschluss:
    Als akkreditierte Zertifizierungs- und Inspektionsstelle sind wir an das Berufsgeheimnis gebunden, unabhängig davon, ob eine Vertraulichkeitsvereinbarung besteht oder nicht. Ihre Daten werden mit äußerster Sorgfalt behandelt und auf Ihren Wunsch hin gelöscht.

    More info on the generic management system certification process please see here and more details on the the Codema Protocols can be found here.

    Cyber security for healthcare solutions and medical devices

    In today’s electronic world, cybersecurity in healthcare and protecting information is vital for the normal functioning of organizations. Many healthcare organizations have various types of specialized hospital information systems, as well as heterogeneous medical devices to manage. In that context both IT (Information Technology) and OT (Operation Technology) assets are considered as critical from different perspective, incl. human safety, and are requiring the implementation of best security practices from any stakeholders involved in the development, integration, operation, and maintenance activities.
     

    Relevant US and EU authorities recently developed new regulatory framework and guidance for implementing best security practices. Depending from stakeholders’ role, different reference document and requirements have been derived from generic State-of-the-Art document such as ISO 27000 standard series for Information security, or ISA/IEC 62443 standard series for operational cyber security (incl. medical devices).

    The five most efficient cyber defenders are: Anticipation, Education, Detection, Reaction and Resilience.

    Cybersecurity is much more than an IT topic.

    Stéphane Nappo, Vice President – Global Chief Information Security Officer , SEB Group

     

    A broad service portfolio for tackling end-to-end cybersecurity needs

    For supporting customers in their implementation of best security practices, and ultimately comply with State-of-the-Art methods, CertX Cyber Security Team provide a bench of services for accompanying organizations into their roadmap for secure development and operations, based on four streams:
     

    • Awareness & Education for preparing your team to apply best security practices required from operators of essential services, derived from relevant regulations (e.g. EU-MDR), applicable guidance (MDCG document) or technical standard series (ISO 27000, ISA/IEC 62443)
    • Compliance check & certifications for evaluating your current products and/or processes, and validate them according to international references
    • Technische Bewertung und Tests zur Abwehr von Angriffsversuchen auf Ihre Produkte und/oder Infrastruktur
    • Supporting services for accompanying your team on the right path for implementing best security practices

    Kontakt

    Kilian Marty

    Leiter der Abteilung Cybersicherheit
    kilian.marty@certx.com
    T +41 26 309 29 94