Life Sciences. The life sciences industry was one
The Federal Drug Administration (“FDA”) has issued emergency use authorization (“EUA”) for medical tests that diagnose Covid-19. The FDA is responsible for protecting the public health by ensuring the safety, efficacy, and security of all human and veterinary drugs, biological products, and medical devices. With regard to medical tests, the FDA usually does this by requiring manufacturers to meet rigorous guidelines in an approval process that can take many months. During an emergency, such as a pandemic, it may not be possible to have all the evidence that the FDA would usually have before approving a medical test. If there is evidence that strongly suggests that patients have benefited from a test, the agency can issue an EUA to make it available. One of the minimum requirements for granting an EUA is that the known and potential benefits of the test outweigh the known and potential risks. However, this is a minimum requirement and not the standard. The minimum standard can be met and an EUA still not be granted; there may be additional requirements, such as the test meeting reasonable thresholds for safety and effectiveness and/or people being in urgent need of care based on a diagnosis. EUAs are only granted during a declared emergency; outside of one, an EUA is never given.
Once the pandemic is over, and should the FDA EUA for Covid-19 tests be revoked, the 510(k) process would be required in order to continue selling the test kits in the USA. That process requires validation and submission of the test for FDA 510(k) clearance and is one of the normally used medical device regulatory pathways for FDA approval.
It is important to note that QMC is collaborating with a leading university in the medical field and intends to initially pursue the FDA EUA while also pursuing FDA 510(k) clearance of its test platform for non-Covid-related testing. QMC also intends to pursue regulatory approvals in one or more foreign jurisdictions.
The time required to complete either the FDA EUA or the FDA 510(k) approval process can vary widely, and approval is not guaranteed; the same holds true for regulatory approvals outside the USA.
Cybersecurity
Cybersecurity refers to a set of practices and techniques used to protect the integrity of networks, applications and data from attack, damage, loss or unauthorized access. The use of cybersecurity measures can help prevent cyber-attacks, data breaches, and identity theft and can aid in risk management.
Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization.
Confidentiality: Protecting confidentiality is dependent on being able to define and enforce certain access levels for information.
Integrity: Integrity is defined as protecting data from deletion or modification by any unauthorized party, and it ensures that when an authorized person makes a change that should not have been made, the damage can be reversed.
Availability: Authentication systems, access vectors and system functionality are all paramount to the information they protect and must ensure that it is available when it is needed.
The following is a brief representation of QMC HealthID™ and QDX Platform Cybersecurity measures currently in place.
● Penetration testing: simulates a malicious attack in order to perform in-depth business logic testing and determine the feasibility and impact of an attack. The testing is performed both internally and externally to the system.
  ● Development, testing and production environments were all tested, whereas typically only production environments are tested.
  ● Cold test results were very good, with only one critical and one high vulnerability and very few medium and low vulnerabilities.
● Application security testing:
  ● Currently a relatively manual process of assuring that our applications are more resistant to security threats by identifying security weaknesses and vulnerabilities in source code.
  ● Code static analysis: SonarQube is an open-source platform developed by SonarSource for continuous inspection of code quality. It performs automatic reviews with static analysis of code to detect bugs, code smells and security vulnerabilities in 20+ programming languages.
  ● Library vulnerability reporting: a partially automated process of researching and scanning the third-party software components in use.
  ● Container vulnerability scanning (ECR): Amazon Elastic Container Registry (ECR) is a fully managed container registry that makes it easy to store, manage, share and deploy verified container images and artifacts anywhere.
● Virtual machine vulnerability scanning (Alert Logic): the Alert Logic service is MDR (Managed Detection & Response), an always-on, always-aware breach detection and response system.
● Containers always receive security updates when they are built.
● All Kubernetes containers automatically notify the team when there are new security updates to be completed.
● Encryption
  ● All data is encrypted at rest and in transit.
  ● No PII or PHI data is stored on any end-user device.
● Segregation/Isolation
  ● The production environment is logically and physically isolated from dev/test.
  ● Each element is contained within a separate VPC (virtual private cloud).
  ● Each separate VPC requires a VPN (virtual private network) connection in order to access it.
● Access
  ● Complex password policies are enforced.
  ● Role-based access control within dev/test/production environments.
  ● Multi-factor authentication is enforced within systems requiring higher levels of access control.
● Healthcare data security and availability standards in use within appropriate deployed platforms
  ● FHIR: rapidly exchange data in the HL7 FHIR standard format with a single, simplified data management solution for protected health information (PHI). Azure API for FHIR lets you quickly connect existing data sources, such as electronic health record systems and research database
  ● HITRUST: the Health Information Trust Alliance Common Security Framework (HITRUST CSF) leverages nationally and internationally accepted standards and regulations such as GDPR, ISO, NIST, PCI and HIPAA to create a comprehensive set of baseline security and privacy controls.