Alliance Webinar with Dr. Suzanne Schwartz on Cyber Security and Digital Health

The Alliance for a Stronger FDA on October 20th held a webinar with Dr. Suzanne Schwartz, Director of CDRH’s Office of Strategic Partnerships & Technology Innovation (OST). OST provides leadership for all scientific collaborative and emerging technology-related activities at the Center. Dr. Schwartz offered key insights into OST’s work on digital health and cybersecurity, noting the challenges of limited staff and resources and the desire to enhance OST’s capability to deal with these emerging topics.

OST originated in May 2019, as part of the CDRH reorganization. There was a need to create an identity and inspiration for maximum synergy across staff. An example of the work is the confluence of patient science and engagement to advance and enhance the cybersecurity of medical devices. OST aspires to be stewards of transformation with values of impact, integrity, and innovation, and believes in embodying the principles of inclusivity, transparency, rigor, and agility in everything they do.

Dr. Schwartz identified several priorities for the coming years: issuing final guidance on cybersecurity following on the draft guidance released this past April; making a compelling case for explicit authorities for the cybersecurity of medical devices to ensure safety and effectiveness; further evolving work on supply chain efforts; developing resilience to avoid over reliance on certain materials; increasing the visibility of the Digital Health Center; policy development; and advancing health equity.

With respect to how the Digital Health Center of Excellence interacts with other FDA Centers, Dr. Schwartz recognized the criticality of collaboration. She highlighted the Digital Health Advisory Board as a forum for the discussion of common interests across current challenges. They are developing new processes for cybersecurity which needs to be expanded across other product domains to put FDA in the best place.

The CDRH’s approach differs from CDER/CBER in that Dr. Schwartz said they have to be creative due to out of the box needs, along with an absence of resources, appropriations, and authorities. They innovate, borrowing from the practices of other divisions. She cited supply chain issues as an example where pre-pandemic they did not have dedicated resources or authority. They dealt with the crisis as it was unfolding. They learned much from CDER and benefited from the authority provided by the CARES Act and Covid funding. They learned to be anticipatory, and the need to recognize the criticality of engagement with stakeholders.

It has been a challenge to build a cyber team and increase OST’s expertise. They have very few people with a shoestring budget. They have immersed themselves in understanding this space. They interact with stakeholders, and collaboration building with other government agencies. OST does have an FY 23 appropriations ask that will allow them to bring in more FTEs.

CDRH does work with other Centers to align cyber and digital health policy. The Digital Health Advisory Board (DHAB) allows engagement with other Centers. She has mobilized her own team to bring together people from other Centers to address matters in a wholistic manner. She wants to institutionalize the work that has to be done and assess the impact of vulnerability as it crosses over multiple product areas.

The Office reaches out to third parties on a regular basis connecting at both the individual and organizational level. They may ultimately have to do formal agreements but before that there is no hesitation to pick up the phone.

Dr. Schwartz responded to additional questions including the scope of their activities covering women’s health; the cyber risks that concern her the most; the emerging technology of wearables; staffing connections and mentoring; the potential connection between cybersecurity and Total Product Life Cycle Advisory Program (TAP); recruitment and cultivating a workforce, including potential partnering with universities for internships and to help develop curricula. She also hopes to recruit a Director of Medical Device Security over the next 12 months.


Editorial Note: This week’s Analysis and Commentary section was written by the Alliance’s Executive Director, Steven Grossman.