FDA Wants Your Trial Data in Real Time — and Your 483 Response in 15 Days

FDA Wants Your Trial Data in Real Time — and Your 483 Response in 15 Days

Plus: a genomic data lawsuit names AstraZeneca, BMS, GSK, and Pfizer; Lilly bets $2.25B on AI-designed gene editing; and only 17% of pharma orgs have demonstrated AI value in discovery

Week of April 27 – May 3, 2026  ·  ~12 min read  ·  Compiled with Perplexity and Claude AI.

Three threads converged this week:

• FDA is reaching into clinical trials in real time with a new pilot giving regulators signal-level data visibility as it is generated — while simultaneously formalizing a 15-business-day hard deadline for Form 483 inspection responses
• Eli Lilly’s $2.25 billion Profluent deal moves AI-designed gene editing into formal drug development — while a lawsuit naming AstraZeneca, BMS, GSK, and Pfizer exposes the consent risk in genomic data licensing
• ZS CDIO research puts a number on the AI value gap: only 17% of pharma organizations have demonstrated consistent AI value in drug discovery, despite the function being among the most heavily AI-invested in the industry

The connecting thread: FDA is not waiting for AI to mature — it is building the real-time data infrastructure and enforcement framework to govern how AI intersects with clinical development and manufacturing. CIOs need to be in both conversations simultaneously.

🤖 AI & Data

FDA’s real-time trial data pilot, OpenAI’s life sciences model launch, and Lilly’s $2.25B gene editing deal all signal the same shift: AI is moving from R&D experiment to regulated clinical infrastructure, with data architecture implications that land directly on the CDIO’s desk.

FDA Launches Real-Time Clinical Trial Data Review Pilot with AstraZeneca and Amgen

On April 28, FDA Commissioner Marty Makary announced a pilot allowing FDA reviewers to access clinical trial safety and efficacy signals in real time as data is generated. AstraZeneca (Phase 2 Traverse trial, Calquence) and Amgen (Phase 1b Imdelltra trial) are the first two sponsors enrolled, transmitting data through Paradigm Health’s platform; a parallel AI-in-trials pilot for safety monitoring, dose optimization, and patient recruitment is planned for summer 2026.

What happened:

• FDA Chief AI Officer Jeremy Walsh specified the agency seeks signal-level visibility to support phase transition decisions — not patient-level records — with regulatory decision authority remaining with human reviewers
• FDA data shows 45% of the time between Phase 1 start and approval submission is dead time on paperwork and sequential review; this initiative targets that structural inefficiency directly

Why it matters to you:

• Sponsor-side IT infrastructure — EDC systems, clinical data management platforms, and API-connected pipelines to platforms like Paradigm Health — will be scrutinized as pilots expand beyond the initial two sponsors
• CDIOs with ongoing or planned oncology trials should initiate discussions with clinical development IT and regulatory affairs about real-time transmission readiness now, before expansion criteria are announced

OpenAI Launches GPT-Rosalind, a Life Sciences–Specific Reasoning Model

On April 17, OpenAI introduced GPT-Rosalind, a reasoning model designed for biology, drug discovery, and translational medicine, available through ChatGPT, Codex, and the OpenAI API. Amgen, Moderna, the Allen Institute, and Thermo Fisher Scientific are among early collaborators; broader access is available through OpenAI’s trusted access program.

What happened:

• GPT-Rosalind processes scientific literature, genomic databases, and experimental data to surface hypotheses; its availability through standard OpenAI channels lowers the experimentation barrier compared to enterprise platform agreements — raising shadow-AI risk for R&D organizations
• Despite $17B+ invested in AI-driven drug discovery since 2019, no AI-designed drug has completed large-scale clinical trials — the model enters a space where vendor claims outpace demonstrated outcomes

Why it matters to you:

• R&D scientists can begin experimenting through existing OpenAI accounts without procurement or IT involvement; the governance gap for domain-specific foundation models is wider than for general-purpose ones
• Organizations with active model governance frameworks need to clarify where GPT-Rosalind sits relative to validated GxP-applicable tools before informal adoption takes root

Eli Lilly Pens $2.25 Billion AI-Designed Gene Editing Deal with Bezos-Backed Profluent

On April 28, Eli Lilly announced a collaboration with Profluent Bio worth up to $2.25 billion, using Profluent’s AI foundation models trained on a 115-billion-protein atlas to design site-specific recombinases for kilobase-scale DNA editing. Lilly is licensing the resulting enzymes directly into its preclinical development pipeline — not studying them.

What happened:

• Lilly’s 2026 AI partnerships now total more than $6B across Profluent, Insilico Medicine ($2.75B), and Nvidia ($1B+ co-innovation lab) — the most concentrated AI-driven R&D program among large pharma
• The deal signals maturation: AI protein design has moved from research curiosity to a development platform that major pharma will stake milestone payments on

Why it matters to you:

• As AI-designed therapeutics advance toward clinical trials, data lineage, model governance, and regulatory submission infrastructure for documenting AI-derived molecular inputs must mature in parallel
• CDIOs building AI-driven discovery programs should be planning now for the data lineage and validation requirements GxP-applicable use of generative protein design models will require

⚖️ Regulatory & Policy

Two FDA actions this week operationalize the agency’s AI and digital inspection agenda in concrete, deadline-driven terms — one reaching forward into clinical trials, the other formalizing hard enforcement timelines for what happens after an inspection closes.

FDA Issues Draft Guidance Formalizing Form 483 CGMP Inspection Response Requirements

On March 9, FDA’s CDER issued its first-ever draft guidance formalizing Form 483 CGMP inspection response structure and content — establishing a 15-business-day recommended response window before FDA may initiate regulatory action such as a warning letter. The comment period closes May 8, 2026; FiercePharma reported May 1 the draft “creates potential friction” for manufacturers unfamiliar with the documentation depth now expected.

What happened:

• The required package is substantially more structured than prior informal practice: formal table of contents, executive risk assessment linked to in-distribution inventory, tabular CAPA summary by observation number, root cause analysis, and a communication plan — all in a single submission
• For observations not remediable in 15 days, establishments must still submit a CAPA plan and proposed timeline within that window; scientific disagreements must be addressed with supporting data, not through informal channels

Why it matters to you:

• The 15-day window is operationally demanding during the post-inspection period when sites are simultaneously managing business continuity; CAPA and documentation systems need to generate the structured package under time pressure
• CDMOs and CROs with high inspection frequency should treat automated 483-response workflow generation — tabular CAPAs, executive risk assessments tied to lot data — as a priority technology investment, not a future-state aspiration

FDA and EMA Publish Joint Good AI Practice Principles for Drug Development

On January 14, FDA and EMA jointly published ten Good AI Practice (GAIP) principles governing AI use across the drug development lifecycle — from early research through post-authorization surveillance — covering data quality, transparency, reproducibility, human oversight, and risk management for AI-generated evidence in regulatory dossiers. The principles apply across CMC, preclinical, clinical, and pharmacovigilance use cases.

What happened:

• FDA’s CDIO confirmed at the April 28 press conference that regulatory decision-making authority remains with human reviewers; the GAIP principles reinforce that human-in-the-loop requirements are a baseline expectation for any AI-assisted submission
• FDA separately tracks a year-over-year increase in drug application submissions containing AI components and has published a curated AI-in-drug-development guidance library as the framework moves toward binding guidance

Why it matters to you:

• Audit trails, model versioning, data provenance, and human-in-the-loop validation for AI-generated submissions will increasingly be expected to meet standards analogous to 21 CFR Part 11 and Annex 11
• The GAIP principles are not yet binding, but they will underpin formal guidance from both agencies in the next 12–18 months — organizations that map their AI tooling now retain a window to influence the final framework

🔒 Cybersecurity & Risk

Two risk vectors this week with direct pharma and biotech exposure: a class action lawsuit over genomic data sold to pharma AI buyers, and an NDA-as-malware campaign targeting BD and legal teams at CDMOs and CROs.

Tempus AI Faces Class Action Over Genomic Data Sold to Pharma Clients Including AstraZeneca, BMS, GSK, and Pfizer

In mid-April, multiple putative class action suits were filed in Chicago federal court against Tempus AI (FY2025 revenue: $1.27B), alleging the company wrongfully trained AI models on genetic data from its Ambry Genetics acquisition and sold that data — in deals collectively valued at approximately $1.1 billion — to pharma clients including named defendants AstraZeneca, Bristol Myers Squibb, GlaxoSmithKline (GSK), and Pfizer. Plaintiffs challenge Tempus’s de-identification claims on scientific grounds, citing NIH studies showing genetic data can be re-identified through cross-referencing with public genealogical databases.

What happened:

• Tempus’s data library spans 45M+ records including 1M matched clinical-genomic records; plaintiffs allege consent frameworks from Ambry’s clinical testing context did not cover secondary commercial use or AI model training
• Complaints cite the Illinois Genetic Information Privacy Act, breach of contract, invasion of privacy, and state privacy laws; plaintiffs seek damages and a court order to cease data sharing without proper consent

Why it matters to you:

• Any pharma or biotech organization that has purchased or licensed genomic data from AI platform companies faces the same consent chain-of-custody question this lawsuit is testing in court
• M&A transactions in which acquirers repurpose inherited patient databases for commercial AI training — an increasingly common deal pattern — are now explicitly in the legal crosshairs

AI-Enabled Cyberattack Sophistication Escalates; NDA-as-Malware Vector Targets Life Sciences BD Teams

A documented threat campaign reported by The Record targets pharma, biotech, and CDMO organizations through malware disguised as NDA files delivered through standard “Contact Us” web forms — exploiting the trusted context of routine business development communications. BankInfoSecurity characterized pharma as “mature but vulnerable,” noting CDMOs, specialty CROs, and smaller biotechs integrated into sponsor IT networks represent the most exposed supply chain attack surface.

What happened:

• The NDA-as-malware vector requires no technical sophistication from the victim: malware arrives through the normal contracting channel used by BD, legal, and partnerships teams, reducing the likelihood of staff scrutiny
• AI-augmented cyberattack automation is outpacing the ability of most organizations to respond at machine speed — the industrialization of ransomware-as-a-service is accelerating in parallel with this social engineering vector

Why it matters to you:

• This attack targets business-side teams — BD, legal, alliances — not security staff; awareness training needs to extend explicitly beyond the technical workforce to everyone who receives unsolicited contract documents
• OT network segmentation and incident response playbooks should be evaluated specifically against a scenario in which manufacturing-facing systems are compromised through a business-side entry point

🏢 Leadership & Operating Model

ZS Associates’ 2026 CDIO research quantifies both the scale of operating model transformation underway and the distance between AI investment and demonstrated value — with a single number, 17%, that belongs in every pharma CIO’s board presentation.

ZS CDIO Research: 86% Restructuring Teams, Only 17% Demonstrating AI Value in Discovery

ZS Associates’ 2026 CDIO Research — conducted by The Harris Poll among 115 U.S.-based technology executives at multinational pharma and biotech companies, 62% holding CIO, CDIO, or CTO titles — found 86% are testing or making structural changes to roles and teams, and 55% of CIOs now have authority to reshape their enterprise operating model. Against that mandate, the AI value realization data is stark: only 17% have demonstrated consistent AI value in drug discovery, despite discovery being among the most heavily AI-invested functions in the industry.

What happened:

• The 40% pilot-to-scale conversion rate persists: 68% cite neglecting data quality and governance early as the primary failure mode, and 67% warn that launching AI without clear goals and metrics is a critical error
• Infrastructure investment intentions for the next 12 months remain foundational: 88% plan increased cloud investment, 86% data platforms, 84% AI platforms — continued base-layer spending rather than a shift to pure application deployment

Why it matters to you:

• The 17% discovery value realization stat is a direct counterpoint to the deal volume narrative — GPT-Rosalind and Lilly–Profluent this week reflect ambitions that the ZS data says most organizations haven’t yet translated into demonstrated outcomes
• Organizations with active AI pilots and no concurrent data governance remediation are statistically in the 60% that won’t scale; the failure mode is well-defined and remediable

ZS and McKinsey Frame the Life Sciences CIO Mandate: From IT Enablement to Growth Architecture

Converging research from ZS Associates and McKinsey defines a consistent structural shift: pharmaceutical and biotech CIOs are being asked to move from technology execution to growth architecture, directing both business and technology teams. ZS’s survey data captures the mandate: 55% of pharma CIOs now have authority to reshape the enterprise operating model — the highest proportion in any prior ZS CDIO survey.

What happened:

• ZS identifies four pressures that 9 in 10 pharma tech leaders view as active growth threats: higher stakeholder expectations, competitors’ scientific advancements, AI disruption, and regulatory friction — with technology and data capability gaps (61%), talent (58%), and business engagement friction (56%) as the top operating model change drivers
• CIO.com’s February 2026 analysis put the global AI skills gap at 4.2 million positions by 2030, with pharma competing against tech, financial services, and energy for the same data engineering, ML operations, and AI governance talent

Why it matters to you:

• CDIOs who have not formalized their mandate in terms of growth contribution metrics — not just service levels and cost management — may be on the wrong side of organizational design decisions as companies restructure around AI delivery
• Talent gaps as the second-ranked driver of operating model change argues for workforce development investment as a near-term priority, not a multi-year program

💡 Editor’s Perspective

• FDA’s two moves this week define the technology requirement from both ends of the drug development lifecycle: the real-time trials pilot pulls clinical IT toward continuous data transmission and API-connected regulatory interfaces, while the Form 483 guidance pulls manufacturing IT toward structured, automated documentation systems capable of producing executive risk assessments and tabular CAPA summaries within 15 business days. CIOs with both clinical operations and manufacturing responsibilities need both assessments running simultaneously — they’re not the same infrastructure problem.
• The Tempus AI lawsuit puts a legal test around an assumption quietly embedded in dozens of pharma AI deals: that de-identified genomic data acquired through M&A or licensing can be freely repurposed for AI model training. The named defendants — AstraZeneca, BMS, GSK, Pfizer — are not niche players; they are the organizations whose data governance practices will define the industry standard. Whether the lawsuit succeeds or not, the consent chain-of-custody question it raises should be on every CDO and Chief Privacy Officer’s desk this week.
• The ZS 17% discovery value realization figure and the GPT-Rosalind and Lilly–Profluent announcements tell the same story from opposite ends: the ambition is accelerating and the infrastructure isn’t keeping pace. Adding AI capability without concurrent data governance remediation compounds the pilot-to-scale failure rate — it doesn’t resolve it.
• The FDA/EMA GAIP principles and the Form 483 guidance together signal a single design requirement: every AI-assisted workflow in a regulated context needs a documented human review gate, a traceable audit trail, and structured documentation producible under time pressure. Organizations that treated last month’s FDA AI warning letter as a manufacturing-specific story should recognize it as a sector-wide governance standard being built out simultaneously across clinical, regulatory, and quality functions.

🔗 Top 5 Must-Read Links

1. Fierce Biotech: FDA Unveils Real-Time Clinical Trial Data Review Pilot — April 28, 2026 — Primary source on the pilot announcement and the summer AI-in-trials expansion; essential reading for any CDIO with clinical operations responsibilities before expansion criteria are published.
2. FDA Draft Guidance: Responding to Form 483 Observations at Conclusion of a Drug CGMP Inspection — The actual guidance document with full response package requirements; comment period closes May 8 — hand to quality and manufacturing IT teams immediately for the documentation systems assessment.
3. BankInfoSecurity: Health AI Firm Faces Lawsuits Over DNA Data Use and Disclosure — The most complete account of the Tempus AI lawsuit and its named pharma defendants; essential reading for any CDIO or CDO with genomic data licensing agreements.
4. ZS Associates: 2026 CDIO Research — Scaling AI in Pharma and Biotech — Primary source for the 17% discovery value realization benchmark; the most operationally useful AI performance data for pharma and biotech CIOs published this year.
5. EMA/FDA: Joint Good AI Practice Principles for Medicine Development — The joint regulatory framework that will underpin binding FDA and EMA guidance in the next 12–18 months; use this as the foundation for your AI governance audit checklist for regulated submissions.

The common thread across this week’s developments — real-time regulatory data access, formal inspection response requirements, genomic data consent litigation, and the 17% discovery value gap — is that the distance between AI ambition and AI governance infrastructure is now being enforced, not just discussed. If any of these items connects to a live challenge in your portfolio, hit reply — that’s exactly what the community is built for.

Ready to move beyond the digest? The LS CIO Community is where these conversations continue.

Join the LS CIO Community →

This digest is an interpretive summary of publicly available information and does not constitute legal, regulatory, cybersecurity, or investment advice.

Until next week,

Joe Miller

Founder, Leadership Inklings