Vid Desai On How US FDA’s Modernization Will Improve Inspections And Drug Reviews
FDA’s chief information officer talks to the Pink Sheet about why the agency relied on COVID data from foreign countries, and describes pilot projects to target inspections and manage warehouse data.
While the pandemic has consumed the resources of the Food and Drug Administration over the past two years, the agency has also focused on another issue central to its operations: the modernization of its data and technology. The topic can be hard to grasp given the terminology of information technology, but it is the engine fueling everything from inspections to drug reviews and postmarket surveillance, and it has long been in need of an overhaul.
FDA Commissioner Robert Califf highlighted the agency’s modernization efforts at an April hearing of the Senate Appropriations Subcommittee on the agency’s fiscal year 2023 budget. Noting that data and technology modernization does not get a lot of public attention, he emphasized that it is crucial for the agency to keep up with industries, support innovation, protect the public from harmful products, and recruit and retain employees.
The agency published its Technology Modernization Plan in September 2019 and its Data Modernization Plan in March 2021 under the leadership of Amy Abernathy, who served as principal deputy commissioner and acting chief information officer until she left the agency in March 2021. (Also see "US FDA’s Amy Abernethy Leaves Behind Legacy Of Tech Modernization, Real-World Data" - Pink Sheet, 23 Mar, 2021.)
Vid Desai became the first permanent chief information officer in September 2021, at which time the agency announced the reorganization of its information, technology, data management and cybersecurity functions into a new Office of Digital Transformation reporting directly to the commissioner.
The agency recently issued its Enterprise Modernization Action Plan (EMAP), which seeks to optimize common and essential business processes across the agency. The plan notes that in the past the agency has taken an organizational unit-based approach to process development and IT investments that resulted in siloed solutions and a fragmented data environment that has required staff to enter information manually into multiple systems. It is now advancing an agency-wide common operational approach to work more efficiently and optimize the use of its vast amount of data.
Desai spoke with the Pink Sheet about the agency’s modernization initiatives and how they will improve inspections and drug reviews. He also described efforts to better manage data to advance the use of artificial intelligence and machine learning. The conversation has been lightly edited for clarity.
When did you first join FDA and what was your initial role?
I joined the agency in August of 2019, just before the pandemic, as the Chief Technology Officer. Amy Abernethy, who was the principal deputy commissioner and acting CIO, basically, lured me into the agency. I had known her for many years from private industry. She lives in North Carolina very close to where I live so we had interacted a lot. I took the job because Amy at that time reported directly to the commissioner as the principal deputy commissioner. And she had the acting CIO role, which gave us that direct path to the commissioner and the executive committee. I personally would not have taken that role in IT if we didn't have that full seat at the executive committee through the arrangement that Amy had, wearing a dual hat as PDC, as well as having the acting CIO role.
Before you joined FDA, you were senior vice president and chief information officer at Vyaire Medical. How did your experience there inform your current work and what were the biggest differences between working in private industry and working in government?
For the last 10 or so years, I've worked in private healthcare industries funded by private equity. The whole purpose behind private equity tends to be to buy organizations or assets and make them efficient. It helped me learn a lot about how to take organizations and make them really efficient. In the last work that I did with Vyaire, we were essentially separating about a billion dollar organization from Becton Dickinson. And that required us to set up all the functions of a new organization from scratch. So it gave me exposure to understanding and working really closely with the executives all the way from R&D to manufacturing operations, sales and marketing, and support. I got engaged in all aspects of the business side and how IT implements many of the processes that every organization runs today. And that understanding of business processes and how they are all interconnected has been very important to me. And the role technology plays in enabling that was a good learning experience that I think I'm able to put to use at the FDA.
What does the role of Chief Information Officer consist of? What's a typical day like for you?
Forty percent of my time and energy goes into leading and driving change. We're literally using IT as a catalyst for a lot of change that we're driving through the organization. I work very closely with Dr. Woodcock and Dr. Califf. We're intimately focused on fixing the enterprise operations of the FDA. That's the focus that Dr. Woodcock has been given.
And Dr. Califf, obviously, has a great passion and a lot of experience in the role of technology and data and the significance of technology and data to agencies and organizations. So we've collectively partnered together to drive a lot of the enterprise shifts that you're starting to see and hear about within the FDA, the enterprise transformation operation teams that we've created and the EMAP that we just published recently.
And 25% of my thinking goes to governance. Our legacy IT issues were caused due to a lack of effective governance. So I spend a lot of time thinking and fixing those areas. 25% of my time goes into planning, budgeting and analysis. And the remaining 10% goes to operations. I have a great team of leaders that manage my operations for me, so I spend very little time worrying about operations and I only get involved in some of the priority areas, and obviously COVID. And some of the current formula shortage issues that we're dealing with require some urgent things for us to step up from an IT perspective. So I get a little bit engaged in the operations for some of those activities. But largely, most of my thinking is on leading and driving change on the governance side, planning and budgeting.
What transformations have taken place since the Office of Digital Transformation was established a year ago?
The mere fact of the formation and elevation of ODT to report directly to the commissioner was a huge shift in how we govern IT across the FDA. It literally was the start of FDA better appreciating enterprise functions. We've followed that up with the formation of this enterprise transformation operation team, which is really important, and the publication of the EMAP, the Enterprise Modernization Action Plan, which we just published a couple of weeks ago. And the ETO and the EMAP are driving our enterprise business process change activity.
I've spent a lot of time and energy in the formation of the ETO and the EMAP and the reason that's so important to us in IT is that we’ve seen in a lot of federal agencies and a lot of organizations, even on the private side, that IT is driving and modernizing things from an IT perspective but the business processes, unfortunately, don’t change. When that happens, you spend a lot of dollars on the IT side, but the business doesn't see any value coming out of it because the process is still the same old process and things are done the same old way. That’s why the ETO is so important. It basically allows us to fix the business process first, optimize that or even establish that in many cases, and then we can apply IT to it. That way we get better value out of it, something that we weren't doing as much in the past.
The other thing that we've created recently is the business capability model. It looks across everything we do within the FDA. There's three levels of processes that we all use, and there's about 50 or 60 different processes through which the agency operates. Now we're using data to basically align everything we do – from people to process, technology, finance, and procurement – to this capability model so we know we are putting the right resources and dollars and efforts towards things that are a priority for us at any given time. Priorities change all the time, but the business capability model allows us to align everything we do in in the agency towards that.
Could you note some specifics of what modernization involves. For example, when Dr. Califf spoke at the Senate Appropriations Subcommittee hearing last month, he mentioned that inspectors now spend a lot of time entering data into systems that are outmoded and they can't integrate information in the way that modern technology can support. What systems is FDA aiming to have that would impact things like inspections?
We're starting with inspections. That's a big area of focus for us right now. But we're also looking at supply chain, the Freedom of Information Act process where we've got some backlogs. When you look at our inspection systems, they were developed before the advent of mobile technologies, before iPads and tablets came to be. When you look at the job an inspector does, a mobile device and a tablet is the best device for them to use to do their job. But applications and systems were never designed for that. They were designed to be used on laptops. So you see inspectors lugging around these laptops, and when they have to take a picture or they want to take a sample, they literally have to take a digital camera out. They were also designed in this very fragmented and siloed manner without an overall enterprise design.
So the whole user experience that our inspectors have is very clunky. They literally have to jump between different applications to enter different data, to source different data. The back-end data that they collect is fragmented and siloed. And it was never designed to be shared or used across these systems and databases. So it's really very difficult. Imagine when you don't have a common key and you're trying to merge or analyze datasets without a shared common key. It literally takes us years and millions of dollars to make pretty minor changes to these very old platforms. So what we want to do is use these modern platforms that support the modern mobile devices and the types of devices people want to use today, and implement a process where changes don't take us years and millions of dollars to make. We should be able to make changes in days and weeks, as opposed to months and years. That's the kind of organization that we're working toward to take over more inspection work. We're going to be skipping several generations of technology as we modernize here.
Do inspectors have these tablets now? Is it something that that's been implemented already or is it something that's in the works?
We've been piloting and testing some tablets, but right now they are using legacy systems, which were designed to be used on laptops and devices like that. That's what we want to modernize away from.
Dr. Califf also mentioned modernization efforts that would impact the drug review process. Is there something similar that's happening in that area?
Absolutely. Some pretty good work has happened here. When we look at our business capabilities and we look at things like reviews, or submission reviews and stuff like that, these are clearly activities that we cannot do at the enterprise level because there are so many variations. The way you do reviews of drugs is different from the way you review devices and is different from biologics. So that's an activity that is always going to be center specific. But what we've done from an IT perspective is, we have now chosen a number of enterprise technologies that all the centers are using in common.
So for example, through the user fee programs where there's a lot of focus on optimizing the review process, the centers have started using these enterprise workflow tools to automate that process. I think in many centers, we're getting to a point where we literally have the entire end to end process, from the time something is submitted through the entire review process to the time we make a regulatory decision, the entire process goes into a single workflow engine. And the reason that's important is the workflow engine gives us lots of operational data that we can then use to look at that entire workflow and see the opportunities for optimizing, so we can shift into this mode of continuous improvement. That's starting to happen now in the centers that have leapt ahead and started to put all that workflow into one enterprise tool.
The other reason the enterprise tool is important is that all these processes, even though they're done differently between the different centers, they often intersect. Many drugs are now delivered through a device, so there's a lot of intersections of processes that occur. And if we're using the same enterprise tool to workflow enable these processes, as these connections and intersections happen, we can quickly connect them without having to spend millions of dollars and wait years and years for changes to be implemented. And that's why I'm very excited about the appreciation of enterprise tools, enterprise processes, and the collaboration that we're seeing between centers to recognize that business processes do cross centers. We cannot always work in this highly siloed way that we were working in the past.
Can you give an example of how industry is benefiting from these changes?
I'll use the COVID example. One of the things that you see in the press is that when it comes to using data, we've had to rely on data from foreign countries. You've heard about us using Israeli data, or data from the UK or Sweden. 
They have relatively smaller, less complex systems, where they are able to very quickly get usable data. So my question right now is, where is the US data? We have a more complex system, and obviously, it's still maturing. But this system is very interconnected. We've got regulators, we've got payors, we've got providers, all of them playing into this system. And we've got to modernize and do our part as regulators, because we have a role to play in that complex system. And the only time we're all going to benefit from this healthcare data that we all want to make better use of is when the entire system matures, and everybody has to modernize it.
We’re going to be held to the lowest common denominator within the healthcare system in terms of the use of data. If the private industry does great work, but the regulators or the government side gets left behind, the lowest common denominator is what's going to determine the usefulness of the overall data. And that's why it's pretty important for us to step up and play our role to make sure that the data that we generate, or we consume, is as modern as anybody else’s. Unless we do our bit, we will be holding the rest of the system back because we're all interconnected.
You gave a great example about inspections and the fact that just switching to a tablet makes a huge difference. Are there examples of moving to less complex systems that would enable the agency to work with data much more quickly?
We're focusing a lot on automating the workflow processes and using workflow tools and things like that. And part of the reason we’re excited about that is not only because these initial phases will help us use a lot of that data to optimize our internal work, but because we recognize that we're part of this larger healthcare ecosystem. Sooner or later, we're going to have to connect outside to the broader ecosystem, where similar tools are being used to automate workflows within private industry. I come from that area so I know some of the work that's been done there, and some of the challenges that they have.
But ultimately, for a healthcare system to work really efficiently, we're going to need to be able to connect very seamlessly. Imagine when you're trying to interface with your iPhone, or something like that, and you're using the USB-C connection on your Macintosh. It’s very easy to connect a USB-C connector with another USB-C device. But if you have to connect to somebody that is using the old Coax type of capability, it's so much harder to interface and connect. And that's why we've got to do our part to modernize and provide you with modern interface forms. Because we will want to interface with the outside world. And as we get more and more into the discussion of real world evidence, real world data, those interfaces, interconnections, and ways of linking our data together become increasingly more important. That's sort of the blueprint that we're working towards. But first we have to fix the internal plumbing before we can connect with the broader external plumbing systems.
Is FDA also using artificial intelligence and machine learning?
We're doing a lot of that. I think we are at the same level as private industry. Less than three years ago, I was on the other side trying to do the same things. And I think a common challenge we have is dirty data, or the lack of good data. Like the rest of the healthcare industry, we're experimenting. We've seen some technical places where we've seen some benefits of AI and ML, but to a large extent the barrier that’s holding us back to using technologies like that at scale is the availability of good data. That is because a lot of our internal data is fragmented, siloed, and was never designed to be shared or used by other systems. So we've got a lot of cleaning and work to be done. But this is not an issue unique to the FDA. Across the US healthcare system, whilst we're still maturing, we've got a lot of challenges in being able to get to good data quickly. And that's why we keep hearing about the use of Israeli data. But that's the challenge we have and we're trying to do our bit to overcome that. But the entire ecosystem is going to have to work to the point where complexity is not a barrier to us being able to use the data that's available to us nationally.
The technology modernization action plan called for pilot projects, referred to as regulatory use cases, to target problems and advance modernization efforts. Have any of these projects been initiated or completed?
Initially we started tinkering with some pretty easy use cases. But now we're starting to bite off on some sizable use cases. If you look at what we're doing on the inspection side, that is one of the more ambitious use cases that we've taken on. Right now we're piloting with two types of inspections, one on the drug side and one on the food side, to put the entire process into a single workflow tool and modernize the whole inspections approach from the beginning to the end. We're also looking at the data warehouse that our ORA [Office of Regulatory Affairs] team uses. ORA does all the inspections and safety surveillance work and import work. They have a very complex large data warehouse but they've been struggling because a lot of that data comes from this very siloed, fragmented environment. We're looking to modernize that using some common data curation tools and things like that.
We're working on our imported seafood pilot program. We're experimenting with artificial intelligence and machine learning technologies to basically identify where the stinking, rotting fish might be coming from. The majority of our fish is imported from abroad. We have thousands of containers to unload every day, and it's our job to figure out which ones may have bad fish in them. So we're trying to use AI and ML techniques to see if we can better predict that. We regulate products that amount to 20 cents of every dollar that is spent, from food, drugs, devices, cosmetics, and supplements. We try to do this with 18,000 people, and if we were to divvy up the responsibility of regulating these products across our employee base, each employee would literally have hundreds of thousands, if not millions, of products that they would be personally responsible for regulating.
The only way we can scale up is to use technology and data to act as a force multiplier. The size and scope of what we do needs the effective use of technology and data for us to be able to do our jobs effectively. And that's one of the reasons why good use of data is so important to us. We can randomly try to inspect those thousands of containers being unloaded every day, or we can put some machine intelligence behind that and be much smarter about which ones you target, because you're not going to be able to inspect each and every one of them. It's literally humanly impossible to do that.
Is that approach also being used in post market surveillance?
Very much so. There are huge opportunities for us there. But again, we’ve got to fix up the fundamentals first. There's a lot of data out there. But there's a lot of data that can be corrupted or biased, as well. So when we get into the realms of AI and machine learning, we have to be very careful in terms of the type of data we're using to make sure that we're making unbiased regulatory decisions. So yes, there's a lot of data available. But we've got to make sure that the data is good, clean and unbiased before we can make use of it. Otherwise, it can result in a lot of unintended consequences. And that's not good for the agency and it's certainly not good for the American public. So we've got to take a very thoughtful approach to how and which types of data we use.
How do you determine whether data can be used?
That's a tough question. I think there's a lot of data curation that is needed before we can be convinced that that data is unbiased and clean. We've got a lot of experience in doing that. Because when you look at the typical way we do drug reviews we take a risk-based approach. But it's based on data and clinical trials. We expect data to be submitted, relative to a baseline of some sort. And there's got to be statistical proof to convince us that there is a benefit, that it is safe. We look at good practices to ensure that there is convincing data to show safety and efficacy. And I think we will be using a similar approach, a very scientific and data driven approach, to look at data that we consume to inform AI and machine learning algorithms to ensure that we're satisfied against a clear baseline, whether it's a blinded placebo based trial, or something like that. But it's got to be convincing data before we can put it into machine learning algorithms.
What has been your best day and your worst day on the job?
I think the best day is when we elevated ODT to report directly to the commissioner, and we got a full seat at the executive table. I think that was certainly something that I enjoyed a lot. And it basically sets up IT for success. Even when I'm not around, future CIOs will appreciate us getting that seat at the table. I think the publication of the Technology Modernization Action Plan, the Data Modernization Action plan, and recently, the EMAP were great days. I think they are significant milestones toward modernization.
In terms of worse days, I have to dig deep to think about that. There really weren’t bad days. But listening to some of the hearings and criticism that we get occasionally, I know many of the people that work in the FDA personally, and these are hardworking, dedicated civil servants. And sometimes, we'll get some very horrible emails, or you'll hear something on the news which is very skewed. I think when that happens, it's a little bit hard, because you know where the soul of the organization is, you know where the soul of the people working at the organization is. And when you hear this very skewed view that can be hard. And in my job we’re responsible for cybersecurity, and we see some very ugly, horrible emails being sent by some of our citizens to very decent, hard-working public servants. That's a little bit disturbing at times. And certainly we live in a pretty polarized environment where we’ve seen a lot more of that.
But other than that, I think the good days far outnumber the bad days. I'm proud of what the agency does. I'm proud of the people I work with. It’s a great team. I came from the private side where the FDA was considered that evil organization. But seeing what we do here, I tell you, I think industry needs us as much as we need the industry. And I think a good partnership model is what makes this whole system work.
 Janet Woodcock, who became principal deputy commissioner after about a year as acting commissioner and decades as director of the Center for Drug Evaluation and Research, is focusing on efforts to modernize the agency. (Also see "Woodcock Focusing On Food Issues, Rather Than Drugs, As US FDA’s Principal Deputy Commissioner" - Pink Sheet, 19 May, 2022.)
 FDA relied on Israel’s experience with Pfizer/BioNTech and Moderna’s mRNA COVID-19 vaccines in making decisions on authorizing boosters. (Also see "Moderna’s COVID-19 Second Booster Authorization Largely Thanks To Pfizer/BioNTech Data" - Pink Sheet, 2 May, 2022.)