On Thursday, June 13, 2013, the U.S. Food and Drug Administration (“FDA”) released a draft guidance on measures to help ensure the cybersecurity of medical devices. The draft guidance, titled “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices,” proposes cybersecurity features that should be incorporated into wireless, Internet- and network-connected medical devices (“cybersecurity-vulnerable devices”), as well as information that will be requested in premarket submissions for cybersecurity-vulnerable devices. In addition to the draft guidance, FDA also issued an FDA Safety Communication to medical device manufacturers, hospitals, medical device user facilities, health care IT and procurements staff, and biomedical engineers on cybersecurity for medical devices and hospital networks.
Continue Reading Cybersecurity: FDA Risks for Medical Devices

I am often called upon to address the nature of how regulatory controls may apply to the organization of healthcare companies in their ability to create, deliver, and capture value (their ‘business models’). While no summation could adequately capture all of the complexity inherent in this question, it would seem appropriate to briefly comment on some of the general recent trends I have seen, and how they may be shaped by various regulatory authorities.
Continue Reading Thoughts on Regulatory Constraints of Business Models

FDA has taken no significant regulatory action with regards to claims made for cosmetics for almost twenty five years. As a result, claims for cosmetics have become aggressive, as new science and ingredients have blurred the line between cosmetics and pharmaceuticals, leading to a class of products generally referred to as “cosmeceuticals”. There is, however, no regulatory definition of a cosmeceutical, and recent regulatory actions by the FDA suggests that they believe claims for such products are drug claims.Continue Reading FDA Takes Action Against Marketers Making “Cosmeceutical” Claims

By Mike Emmick

In the fervor of the U.S.’s current anti-foreign-corruption efforts, a particularly misguided proposal has occasionally reared its ugly head: Requiring “mandatory debarment” for any company that violates the Foreign Corrupt Practices Act (“FCPA”).

On the merits, such a proposal is completely wrong-headed. Debarment is a severe, forward-looking administrative remedy – the corporate “death penalty” – not a vehicle to “boost” the penalties for past criminal FCPA violations.Continue Reading Mandatory Debarment for FCPA Violations? A Bad Idea Whose Time Should Never Come

By Mike Emmick and Joseph Barton

Corporate executives in the health care and environmental industries are rapidly coming to appreciate the implications of the responsible corporate officer doctrine, a recently-revitalized weapon in U.S. Department of Justice’s battle against corporate crime.

This doctrine is a peculiar exception to the usual requirements for a criminal prosecution. Ordinarily, criminal law requires a defendant to have committed a criminal act, and to have done so with criminal intent.Continue Reading The Uncomfortable Resurgence of the Responsible Corporate Officer Doctrine

Welcome to the first monthly update on FDA’s enforcement over regulated tobacco products. This update will examine trends in Warning Letters, and cover some unique Warning Letters and enforcement actions that have occurred in the previous month. As the first post regarding tobacco products, we begin with an alert regarding FDA’s issuance of civil money penalty complaints. The update also provides a summary of tobacco related Warning Letters issued by the FDA to date.[1]Continue Reading Update on Tobacco Warning Letters