Published: May, 2022
Computer system validation has been regulated by FDA for nearly 40 years, as it relates to systems used in the manufacturing, testing, and distribution of a product in the pharmaceutical, biotechnology, medical device, or other FDA-regulated industries. The FDA requirements ensure thorough planning, implementation, integration, testing, and management of computer systems used to collect, analyze and/or report data.
Electronic records and electronic signatures (ER/ES) came into play through guidelines established by FDA in 1997 and disseminated through 21 CFR Part 11. This code describes the basic requirements for validating and documenting ER/ES capability in systems used in an FDA-regulated environment.
In the early 2000s, FDA recognized they could not inspect every computer system at every regulated company and placed the onus on industry to begin assessing all regulated computer systems based on risk. The level of potential risk, should the system fail to operate properly, needed to be the basis for each company’s approach to developing a validation approach and rationale as part of the planning process. System size, complexity, business criticality, GAMP 5 category, and risk rating are the five key components for determining the scope and robustness of testing required to ensure data integrity and product safety.
In December 2018, FDA issued a guidance document on Data Integrity (DI), which has seen an alarming increase in DI issues during inspection of regulated firms. This upward trend continues and is of particular interest during FDA inspection.
In this CPE information technology webinar we will explore the best practices and strategic approaches for evaluating computer systems used in the conduct of FDA-regulated activities and determining the level of potential risk, should they fail, on data integrity, process, and product quality, and consumer/patient safety.
We will walk through the System Development Life Cycle (SDLC) approach to validation, based on risk assessment, and will also discuss 21 CFR Part 11 and the importance of managing electronic records and signatures appropriately.
Whether you are taking a waterfall or agile approach to developing, testing, and supporting a regulated system, this CPE course will guide as on how to apply the GAMP®5 “V Model” to either one.
The waterfall or traditional CSV approach is very documentation-centric, while the agile approach, which aligns with FDA’s current thinking on Computer Software Assurance (CSA) is focused primarily on critical thinking. We will delve into the differences, the pros and cons, and the various mechanics involved in each of these. We will also discuss cloud services, Software as a Service (SaaS), and other types of technology for which the FDA has not yet offered guidance. Our approach to validating these types of systems is based on common sense and industry best practices.
We will also walk through the entire set of essential policies and procedures, as well as other supporting documentation and activities that must be developed and followed to ensure compliance. We will provide an overview of practices to prepare for an FDA inspection, and will also touch on the importance of auditing vendors of computer system hardware, software, tools and utilities, and services.
Finally, we will provide an overview of industry best practices, with a focus on data integrity and risk assessment that can be leveraged to assist in all your GxP work.
In this CPE webinar, we will focus on the most effective practices for meeting FDA compliance for Computer System Validation (CSV), as well as 21 CFR Part 11, FDA’s guidance for electronic records and electronic signatures, and Data Integrity (DI).
FDA’s recent focus on data integrity during computer system validation inspections and audits has brought this issue to the forefront of importance for compliance of systems used in regulated industries. The CPE course includes information and advice for complying with FDA for all systems that “touch” products, meaning they are used to create, collect, analyze, manage, transfer and report data regulated by FDA.
All structured data, including databases, and unstructured data, including documents, spreadsheets, presentations, images, audio, and video files, amongst others, must be managed and maintained with integrity throughout their entire life cycle. It is a risk-based approach that leads to the best results and compliance with FDA’s expectations.
MY-CPE LLC, 1600 Highway 6 south, suite 250, sugar land, TX, 77478
MY-CPE LLC (Sponsor Id#: 143597) is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org.
Account Executive, BrainStorm Central Consulting LLC
Carolyn Troiano has more than 35 years of experience in computer system validation and compliance in the pharmaceutical, medical device, tobacco and other FDA-regulated industries. She is currently an independent consultant, advising companies on computer system validation and large-scale IT system implementation projects.
BrainStorm Central Consulting is the leader and premier catalyst for moving companies to a new level by outstripping conventional wisdom and thought, and creating a strategy that goes beyond the realm of “better, faster, cheaper”.
"Our experience will lead you to us, your experience will keep you coming back..."
FDA Compliance Training Topics Offered:
• Developing a Strategic Approach to FDA Compliance for Computer Systems
• FDA’s Deeming Regulations for e-Cigarettes, Cigars, and other Tobacco-related Products
• Risk-Based Approach to CSV, 21 CFR Part 11 and FDA Compliance
• Medical Device Industry Trends for Computer Systems Regulated by FDA
• Tobacco and Related Industry Trends for Computer Systems Regulated by FDA
• FDA Deeming Rule for Tobacco Related Products and Recent Actions: eCigarettes, eLiquids, Cigars
• FDA Compliance and Mobile Applications
• Good Documentation Practices to Support FDA Computer System Validation
• In-Depth Computer System Testing of Computer Systems Regulated by FDA
• Disaster Recovery and Business Continuity Planning for Computer Systems Regulated by FDA
• Data Integrity and Governance for Computer Systems Regulated by FDA
• Trends in FDA Compliance and Enforcement for Regulated Systems
• Best Practices in Preparation for an FDA Computer System Audit
• Functional System Requirements for Computer Systems Regulated by FDA
• Best Practices for Auditing a Vendor of Computer Systems Regulated by FDA
• 21 CFR Part 11 (e-Records/Signatures) Compliance for Computer Systems Regulated by FDA
• C-TPAT Compliance for FDA-Regulated Industries
• Medical Device Cybersecurity and FDA Compliance
• 21st Century Cures Act and Medical Device Software Compliance
• Medical Device Software 62304 Compliance
• Creating, Reviewing & Managing Audit Trails: Compliance for FDA-Regulated Computer Systems
• Best Practices for Responding to a Form 483 Citation and/or Warning Letter Issued by FDA