The Role of a CIO is transforming as a CIBO | Dr Mukund KS

Dr Mukund KS | GM-IT | Inventia Healthcare explains how pharma and life sciences are adopting to cloud and other digital technologies.

Pharma & Life Sciences sector has been a laggard to adoption of new technology. What Are there any roadblocks in rolling out Technology solutions?

What worked yesterday might not work today and not tomorrow. Pharma and Life Sciences industry is on this constant path to seek better ways to manage complexity, cut costs, and boost productivity. Conventional methodologies, strategies, process and technologies cannot handle the magnitude of changes, which will have an impact over the entire Product Life Cycle. Ecosystems are getting more complex and the dinosaurs resistant to change seek extinction. Adoption by business to new technologies like change management, have been the laggards in Pharma.

The role of a CIO is shifting towards CIBO (Chief Information Business Officer) and ROI no longer means Return on Investment but Return On Innovation. Pressures from finance to reduce and shift capital expenses to OPEX, further add on to the existing woes. The challenges of innovation are luring in further risks than simplifying it. So, it becomes essential for CIOs to simplify technology, look at better ways of adoption and quicker product deployments using design thinking approach.

What are the Challenges in establishing cloud-based environment / journey for Pharma Life sciences Organizations? How can they overcome this?

The entire Life Sciences and Pharma industry was initially restrictive to cloud, due to the non clarity on regulations and how the cloud caters to the regulatory aspects. Compliance to GXP, so be it Good Clinical Practice, Good Laboratory Practice, Good Manufacturing Practice that focus on Patient Safety / Pi and SPI data protection are essential. GXP also focusses on Integrity, Reproducibility and Traceability of Data for Manufacturing Drugs. CSV or Computer Systems Validations are focused on Accuracy, Consistency & Reliability.

In a typical and traditional scenario, companies can audit their sites, servers, and data to show Compliance. But this compliance checks happen at distinct points in time. This allows company auditors to show that a system was compliant at that point of time. However, they cannot show compliance after that point. which means the Metric or KPI of % of readiness to Audit is on a negative score. We need to shift gears to look at achieving Continuous Compliance. For e.g. on AWS every change to the system is logged using AWS Cloud Trail and Auditors can view Who, What, When and Where from every change was executed. If you refer to the Cloud Partner Quality Manual for e.g. the AWS Quality Manual, it showcases what are the various Certifications with their controls that map to the Compliance in GXP. for instance, Record keeping is one of those GXP areas, there are certifications like ISO 27001:2013, ISO 9001:2015, HIPAA, SOC certifications to which these compliances can be mapped which means that till the Hypervisor level, your GXP Requirements are taken care of.

All that pharma companies need to do is to take these certifications from cloud partner where they have hosted their instances or applications used to showcase compliance. It is very important to focus on Security. Security is taken care of up to the Hypervisor layer by Cloud Service Providers and above hypervisor level it becomes the responsibility of Pharma IT Teams.

Why is the Life Sciences industry under a constant target by Cybercriminals & Hackers. How could Pharma Organizations protect themselves?

If I was to place an analogy, I would refer to Tony Stark & Iron Man. The system that powers Iron Man suit is the Arc Reactor which is a Fusion Power Source that all the bad guys want to replicate or steal. In Pharma the Intellectual Property that drives the business is the Arc Reactor that cyber criminals and hackers want to get access to. Referring to Drug & Molecule studies, Clinical Trial information, Product Pricing and Marketing information if breached could lead to commercial losses for Life sciences Organizations in millions of dollars. It also leads to a loss of Public image and Credibility and so there is an increased emphasis on Cyber Awareness in pharma today.
The CIO’s role is also evolving as a CISO. Organizations can deploy a NIST based security Framework to protect themselves, that focuses on How to Identify, Protect, Detect, Respond and Recover from Risks. I would further recommend to setup a Cyber Security Committee that focuses on identifying and classifying the risks as Financial Risks, People Related Risks, Compliance related risks, Technology related risks, Process based risks, Human Psychology based risks, Cyber Risks. Then have plans to mitigate each of them. Then also embark on adherence to Models of ISO 27001, GDPR, that identifies gaps in current process, and establishes control mechanisms.
Your employees are the front line and last line of defence, no matter what Tools you deploy like SIEM, or MDM. It is essential to train the workforce on a constant basis and have a basic security certification that all employees need to take as part of their joining and yearly ongoing for providing them with the Access and applications they require. Design of Metrics & KPIs and showcasing possible breaches to the Board and request for Security Budget is of crux. Sample KPIs like MTTD (Mean Time To Detect), MTTR (Mean Time To React) etc. would assist in identifying the gaps and build tactics to close the same.

How are digital technologies going to help Pharma & Life sciences industry, manage the tide without significant business disruption?

Artificial intelligence, automation, blockchain, 3D Printing and other technologies driving digital transformation will fundamentally reshape how Pharma, Biotech & Life Sciences Organizations operate, from product portfolio planning, drug development, marketing, to finance and other administrative functions. In-Clinic effectiveness time (Time with the Doctor for Medical Rep) with HCP (Health Care Professionals) is dwindling and also Virtual Detailing and moving towards a Pull based rather than Push based Marketing Mechanism would be the order of the day. 3D Printing, could embark itself specially for Biotech, Nutra and other OTC products to take the space on the chemists’ tables.

How do you advise organizations post COVID19 scenarios on Advanced Analytics? What are the likely future efforts they should make for the improvement in the healthcare & life sciences sector?

If your refer to the “Gartner Analytics Ascendancy Model”, a typical Analytics Roadmap starts with Descriptive Analytics → Diagnostic Analytics → Predictive Analytics → Prescriptive analytics. But with Cloud, you could bring in Compute, Storage and Readily available ML Models, Pre-built data connectors that help to Ingest various Datasets from numerous siloed sources. Store these Data Sources on a Centralized Platform, build meaningful insights and identify patterns seen & unseen, with permutation and deliver Business Insights and Decision Making thus ensuring Insights made available at speed of Light. Instead of building a Data warehouse and then a Data Lake, you could start with the Data Lake Journey using a cloud-based model e.g. Amazon Redshift & AWS Quicksights. With AWS Quicksights, you could avoid the upfront costs of Visualizations tools and rather just pay even for the Visualization / Session period.

Most Popular

To Top
CXOTV Health