Data security has three facets—confidentiality, integrity and availability. Device labelers need to keep each of these areas in mind when it comes to managing the UDI data for their device portfolio.
Confidentiality: Not all data you submit to FDA as part of a UDI data record is public. For example, the FDA listing number contained in the submission must remain confidential in order to protect your device from counterfeiting. New products that fall under the UDI mandate must bear a registered UDI prior to being launched and marketed, so labelers submitting data they are not yet ready to make public need to consider how they are protecting their data throughout the launch process.
Integrity: The UDI data records you submit to FDA become the official record of your product data at the agency. How do you make sure every field is exactly the same as what you have on file in your internal systems? How do you ensure that changes to the data for your product portfolio are immediately and accurately updated in the GUDID database? Remember, UDI data will be used over and over again in downstream applications by distributors, healthcare providers, payers and patients. Inaccurate or out-of-date data in the GUDID can make its way into the marketplace and cause big problems down the road.
Availability: What is your official repository for your UDI product data? A bunch of spreadsheets on your employees’ hard drives? A third party database? If you are using the FDA Web Interface and managing your master data records on spreadsheets, how do you track changes and ensure you always have the latest versions? If the data is dispersed among your staff in their own files, will you be able to locate all the data you need if a key team member leaves the company or their laptop is stolen? If you do, can you be sure you are looking at the latest version? If your data is stored externally, consider what backup measures, disaster recovery plans and service levels your vendor has in place.
When it comes to the security of your UDI data, it is essential to have a master data set. This data needs to be stored somewhere and in a method that ensures its confidentiality, integrity and availability.
Reed Tech can help your organization not only to clear the hurdle of submitting your data to FDA initially, but also to maintain that data and make sure it is always accurate and current. Beyond that, Reed Tech can help you capitalize on the value of that data to sync your internal records with the latest ones accepted by the FDA.
Contact us today to discuss a secure strategy for UDI data management, because submission is just the beginning.