Perhaps this sounds too good to be true, but my experience working with pharmaceutical companies has shown me that there is a key area where Pharma companies can gain competitive advantage today, putting themselves in a strong position to win contracts over their competitors, while simultaneously addressing key compliance challenges in relation to GDPR, GxP and HIPAA.
So what is this area?
Well it’s the subject that’s increasingly worrying the government, business owners and directors in every sector: namely Cyber Security.
So how does effective cyber security management help pharmaceutical businesses to win more contracts? Well, in selecting a supplier, every potential customer of your firm is going to be carrying out due diligence to ensure your firm is safeguarding data as it should be, and is demonstrating best practice in relation to managing cyber threats. After all, the last thing your customer wants is for their supply chain to grind to a halt because, for example, a ransomware attack has meant you can no longer produce or ship product.
And recent ransomware attacks like Wannacry and Petya which have hit the headlines by causing major disruption in healthcare and pharmaceuticals, with organisations such as the NHS, Merck and Reckitt Benckiser being affected, will only serve to make your prospective customers more aware of these issues, and the risks they pose to their business, if they, or anyone in their supply chain, falls victim to such an attack.
Already the government requires all suppliers bidding for certain sensitive and personal information handling contracts to be certified against the Cyber Essentials scheme, a government-backed, industry supported scheme to help organisations protect themselves against common cyber-attacks (more about which in my next article). But it is clear to me that these types of accreditations and requirements are only set to continue and grow, as they inevitably percolate all the way up through the supply chain.
Then, on the other side of the coin, there is the reputational damage that a cyber-security issue causes to your firm. If you have had a high profile data breach (and let’s bear in mind that GDPR imposes an obligation on you to declare breaches within 72 hours, so a breach is going to be high profile), then how will it impact on your prospective customer’s decision making process when they are evaluating whether or not to work with your organisation? What does it say about your company procedures? Your risk management processes? Your ability to safeguard your data and theirs? And ultimately your ability to deliver to your customers?
So if your company can demonstrate they have in place effective risk management processes and technologies in relation to cyber-security then you have clearly placed yourself in a very powerful position to secure new business, since your prospective customer is immediately re-assured that he is minimising the risk in his supply chain.
And there is a dual benefit here, because effectively addressing cyber security challenges also ticks many compliance boxes, since GxP, HIPAA and GDPR all have requirements surrounding effective protection of your data from cyber security threats.
So the same business processes and technologies that will help you win more business, will also help you to address key challenges around GxP data integrity, MHRA inspections, compliance with the HIPAA security rule and safeguarding the personal data your company holds under GDPR.
I hope by now you will agree that effective cyber security management is pivotal to commercial success. But just how do pharma companies achieve the holy grail of effective cyber security risk management, in today’s constantly evolving, and increasingly complex threat landscape? There’s no doubt, it’s a complex issue that requires a specialist skillset and a multi-faceted approach – but for those Pharmaceutical businesses willing to make the investment in people with the right skills, along with the right technologies, the commercial opportunities to get ahead abound.
In my coming blogs I will be discussing practical ways in which pharma companies can implement effective cyber security policies, processes and technologies that will dramatically reduce their risk and help to elevate them above their competitors and put them at the front of the queue to win more contracts. If in the meantime, you have any questions, or you would like to explore how Connexion can help your company win more business through effective cyber security management, then please do not hesitate to contact me on 0118 920 9600 or email james.stratton@connexion.co.uk when I will be happy to arrange a no obligation conference call.
--------------------------------------------------------------------------------------------------------------------------
Established in 1994, Connexion Ltd provides IT consultancy, IT services and IT support to mid-size Pharmaceuticals, Clinical Research organisations, Biotechnology and Medical Device companies throughout the UK. Our focus is on delivering IT solutions that create real value to our clients' businesses. Working closely with our customers’ in-house IT Managers, our structured and managed approach to delivering IT is paramount in ensuring our clients can maximise the business advantages technology can offer them, whilst minimising their risks and maintaining regulatory compliance. For more information about our services for pharmaceutical businesses please visit our website http://www.connexion.co.uk/pharmaceuticals/
