FDAs Recent Clarification on Guidance for Managing Data Integrity for Regulated Computer Systems

The webinar will focus on the importance of ensuring that the validation of an FDA-regulated computer system will meet compliance guidelines. This includes the development of a company philosophy and approach and incorporating it into an overall computer system validation program and plans for individual systems that are regulated by the FDA. It also requires a recognition that data integrity issues continue to be a strong area of focus by the FDA during the inspection, and there are many examples and best practices that will be covered in this seminar to address them.

FDA’s guidelines for computerized systems were enacted in 1983, and very little has changed, other than technology, since that time, as it relates to validation. The premise for compliance is demonstrating clearly and completely that a computer system does what it purports to do. This means developing a very detailed set of unique and testable functional requirements and creating a set of test scripts that will prove each requirement is met.

This webinar will describe the approach to determining the level and robustness of testing required, based on a thorough risk assessment of the system, which includes the likelihood, severity, and detectability of potential failures of the system to work as expected, and the mitigation to be applied, should the system fail. Along with system categorization, in accordance with GAMP 5 principles, and an evaluation of the complexity and application of the software, the attendee will understand how to develop the rationale they will include in the validation plan for the level of testing executed.

A company must have specific policies and procedures in place that explicitly state responsibilities and provide guidance for validation, which will be discussed. We will also delve into the training requirements for users, testers, and those who will be the stewards of the system. All must be carefully documented. Disaster recovery and Business Continuity Planning will also be touched upon as key aspects of supporting the system in a validated state. Change control and periodic review will address the challenges of making certain that the system remains in control and is tested further according to any needs that arise from changes.

As FDA continues to evolve and change due to the many factors that influence the regulatory environment, companies must be able to adapt. New technologies will continue to emerge that will change the way companies do business. While many of these are intended to streamline operations, reducing time and resources, some unintentionally result in added layers of oversight that encumber a computer system validation program and require more time and resources, making the technology unattractive from a cost-benefit perspective.

• Computer System Validation (CSV)
• System Development Life Cycle (SDLC) methodology
• Good “Variable” Practice (GxP) (Good Manufacturing Practice (GMP), Good Laboratory Practice (GLP), Good Clinical Practice (GCP))
• Data Integrity (DI)
• Validation strategy, planning, and execution
• System risk assessment
• GAMP 5 “V” Model and software categorization
• 21 CFR Part 11, FDA’s guidance on Electronic Records/Electronic Signatures (ER/ES)
• Security, access, change control, and audit trail
• Criteria required to ensure data is created and maintained with integrity through its life cycle
• Policies and Procedures to support CSV and DI assurance
• Training and organizational change management
• Current FDA trends in compliance and enforcement
• Industry best practices and common pitfalls
• Q&A

This webinar will help you understand in detail the application of FDA’s guidelines for Computer System Validation (CSV), which is per the System Development Life Cycle (SDLC) Methodology. This is critical to develop the appropriate validation strategy and achieve the thoroughness required to prove that a system does what it purports to do. It also ensures that a system is maintained in a validated state throughout its entire life cycle, from conception through retirement.

The SDLC will provide a framework for validation planning, allowing the attendee to understand all of the phases and deliverables required during validation. 

The end result will be a very well documented validation effort that will stand up to FDA scrutiny during an audit, and assure that the data housed and/or processed using the validated computer system will be maintained with great integrity. It is important to remember that in addition to validating a computer system subject to FDA compliance, the system must be maintained in a validated state throughout its lifecycle until the system is retired or otherwise no longer used. This webinar will describe the policies, procedures, training and other underlying support elements that are needed to ensure ongoing maintenance of a system in a validated state.

In addition, FDA has heavily focused its resources on inspection targeting Data Integrity (DI). During the past ten years, the percentage of Form 483 citations and Warning Letters with issues related to DI has increased dramatically and continues to do so through 2019. We will provide the requirements related to DI, examples of FDA findings, and will cover the industry best practices that will help you mitigate this potential risk.

• Information technology managers, developers, and analysts
• QC/QA managers and analysts
• Clinical data managers and scientists
• Compliance managers
• Lab managers
• Automation analysts
• Computer system validation specialists
• GMP training specialists
• Business stakeholders and individuals who are responsible for computer system validation planning, execution, reporting, compliance, and audit
• Consultants working in the life sciences industry who are involved in computer system implementation, validation, and compliance

Carolyn Troiano has more than 35 years of experience in computer system validation in the tobacco, pharmaceutical, medical device and other FDA-regulated industries. She has worked directly, or on a consulting basis, for many of the larger pharmaceutical and tobacco companies in the US and Europe. She is currently building an FDA computer system validation compliance strategy at a vapor company. Carolyn has participated in industry conferences, and is currently active in the Association of Information Technology Professionals (AITP), and Project Management Institute (PMI) chapters in the Richmond, VA area. Carolyn also volunteers for the PMI’s Educational Fund as a project management instructor for non-profit organizations.