update of regulations Sometimes the laws stay the same but the interpretation and enforcement changes • Eventually technology is reﬁned to make compliance easier • Castle, D., Kumagai, K., Berard, C., Cloutier, M., & Gold, R. (2009).
A model of regulatory burden in technology diffusion: The case of plant-derived vaccines.
http://www.agbioforum.org/v12n1/v12n1a10-castle.htm Many examples in our careers of technology leapfrogging regulations: introduction of networks, explosion of the web, explosion of mobile phones. In 2011 joint commission ruled that it is not acceptable for docs to text orders for patient care, services, or treatment. In May 2016, joint commission revised it’s position allowing secure texting for transmission of orders, and deﬁned characteristics of a secure texting platform (based on review of industry developed technology) PCI DSS 3.0 updated in 2014, look at SAQ A for card-not-present merchants with all cardholder data functions fully outsourced. PCI DSS 3.0 section 2.2.1 speciﬁcally talks about virtualization, one primary function per server to prevent functions that require diﬀerent security levels from co-existing on the same server (web, DB, DNS on diﬀerent servers) Interesting example of trying to model out diﬀerent approaches, this paper discusses 3 models for vaccine development, production, and distribution with varying regulatory burdens and tries to model the impact on disease for a given population with each approach.