Cloud and Software-as-a-Service (SaaS) Vendors: Approach to Validation for FDA-Regulated System
Speaker: Carolyn Troiano
Speaker Designation: FDA Compliance Consultant
Speaker: Carolyn Troiano
Speaker Designation: FDA Compliance Consultant
Computer system validation has been regulated by FDA for more than 30 years, as it relates to systems used in the manufacturing, testing and distribution of a product in the pharmaceutical, biotechnology, medical device or other FDA-regulated industries. The FDA requirements ensure thorough planning, implementation, integration, testing and management of computer systems used to collect, analyze and/or report data.
Electronic records and electronic signatures (ER/ES) came into play through guidelines established by FDA in 1997, and disseminated through 21 CFR Part 11. This code describes the basic requirements for validating and documenting ER/ES capability in systems used in an FDA-regulated environment.
In the early 2000s, FDA recognized they could not inspect every computer system at every regulated company and placed the onus on industry to begin assessing all regulated computer systems based on risk. The level of potential risk, should the system fail to operate properly, needed to be the basis for each company’s approach to developing a validation approach and rationale as part of the planning process. System size, complexity, business criticality, GAMP®5 category and risk rating are the five key components for determining the scope and robustness of testing required to ensure data integrity and product safety.
FDA’s recent focus on data integrity during computer system validation inspections and audits has brought this issue to the forefront of importance for compliance of systems used in regulated industries. All FDA-regulated systems must be managed and maintained with integrity throughout their entire life cycle.
In this webinar, we will explore the best practices and strategic approach for evaluating computer systems used in the conduct FDA-regulated activities and determining the level of potential risk, should they fail, on data integrity, process and product quality, and consumer/patient safety. We will explore validation following the traditional waterfall, phased approach, and following an agile methodology, with 2–3-week sprints for completing work products. We will walk through the System Development Life Cycle (SDLC) approach to validation, based on risk assessment. We will also cover validation using Computer Off-the-Shelf (COTS), Cloud, and Software-as-a-Service (SaaS).
This webinar is intended for those involved in planning, execution and support of computer system validation activities, working in the FDA-regulated industries, including pharmaceutical, medical device, biologics, tobacco and tobacco-related products (e-liquids, e-cigarettes, pouch tobacco, cigars, etc.).
Functions that are applicable include research and development, manufacturing, Quality Control, distribution, clinical testing and management, sample labeling, adverse events management and post-marketing surveillance.
In this webinar, we will explore the best practices and strategic approach for evaluating computer systems used in the conduct of FDA-regulated activities and determining the level of potential risk, should they fail, on data integrity, process and product quality, and consumer/patient safety. We will explore validation following the traditional waterfall, phased approach, and following an agile methodology, with 2–3-week sprints for completing work products. We will walk through the System Development Life Cycle (SDLC) approach to validation, based on risk assessment. We will also cover validation using Computer Off-the-Shelf (COTS), Cloud, and Software-as-a-Service (SaaS).
We will provide an overview of practices to prepare for an FDA inspection, and will also touch on the importance of auditing vendors of computer system hardware, software, tools and utilities, and services.
Finally, we will provide an overview of industry best practices, with a focus on data integrity and risk assessment that can be leveraged to assist in all your GxP work.
Personnel in the following roles will benefit:
Carolyn Troiano has more than 40 years of experience in computer systems and data in the pharmaceutical, medical device, tobacco, cannabis, and other FDA-regulated industries, as well as in banking, insurance, and government agencies. She is currently an independent consultant, advising companies on data integrity, privacy, and compliance, including implementing large-scale, complex systems, such as Enterprise Resource Planning (ERP), Customer Relationship Management (CRM), Clinical Trial Master File (TMF and eTMF), Manufacturing, Quality, and Enterprise Content Management (ECM) systems.