Life Sciences

New regulations require the Life Science sector to keep genetic and medical product data for decades and maintain its viability.

 

The medical research and pharmaceutical community is transforming our lives and our future through dedication to the advancement of knowledge and the discovery of new medicines and treatments for diseases.  But the life sciences sector is particularly vulnerable to adversaries (including insiders) using cyber attacks to steal its intellectual property, degrade the integrity of its research and trial data, and interrupt the safe operation of its manufacturing and supply chains. Furthermore, new regulations require the Life Science sector to keep genetic and medical product data for decades and maintain its viability.  STASH is a key partner to keep data securely stored and shared.  Its unique authentication and encryption processes slash the risk of insider access to key data. STASH has developed trustworthy digital repository technology and processes to ensure the storage and retrieval of viable data for decades. STASH is an essential partner for the data integrity challenges of the Life Sciences sector.

  • US-FDA requires medical product companies to retain all (100%) of physical/digital data and information of their medical products from discovery, manufacturing and distribution for the life of the product and two years after the last product is distributed. Other Nations have similar edicts.
  • HHS-HIPAA is requiring electronic medical records be retained for the life of the patient.
  • The Genetic Information Nondiscrimination Act of 2008 (GINA) is requiring that a patient’s genetic data be maintained for the life of the individual and 50 years after their death (for family use).

Nothing is more valuable to a pharmaceutical company than the formula for one of its new drugs. Reports of hackers breaking into all sorts of firms and stealing their trade secrets is of enormous concern. Equally troubling, experts warn that theft of trade secrets by company insiders is a larger problem… Many of the victims of cyber theft find themselves the target of class action lawsuits and regulatory actions. A quick look at data breach shows a rapidly changing regulatory environment, growing risks of litigation, and some important insurance implications for companies and their top management.

Deloitte

The UK Government identified pharmaceutical companies as the primary target of cyber criminals bent on stealing IP. It estimated cyber-theft of IP cost the UK ₤9.2b, of which it attributed ₤1.8b to theft of pharmaceutical, biotechnology, and healthcare IP. Surveys of US Cyber attacks consistently find that pharmaceutical IP is a major target of sophisticated cyber gangs... Attacks against major US pharmaceutical companies… include medical device-maker, Boston Scientific, Abbott Laboratories, and Wyeth, the drug maker acquired by Pfizer Inc.

Deloitte

Documents, anything with a signature on it, and trade secrets should be locked in a virtual data room or secure repository. Box and Dropbox are commonly used solutions for the storage of critical data. These services are more specifically made for anytime, anywhere access and for editing of documents. They are not purpose-built to protect critical documentation. A virtual data room is built like a digital vault, with strict permission-based access applied to it, thereby limiting your security perimeter.

The New York Times January 2015