4 April, 2018

GxP requirements to be considered in new software

Computerized Systems Validation, Process computerization, Regulation

buy software, computerised system validation, user requirements, VSM

We analyze the importance of considering the regulatory user requirements when incorporating new systems in the organization

Many companies are planning to update their computerized systems in production and in laboratories. These updates are necessary for them to implement features such as audit trails, secure data storage systems, access, and privileges to access according to what information, etc. that are required to achieve compliance with data integrity (compliance in which health authorities are focusing on their inspections in recent years).

When acquiring or incorporating a new software or technological tool, a necessary stage is the determination of the user requirements (URS).

As we saw in the article What tools to use for the analysis of user requirements, the analysis of user requirements allows companies to know the current and future needs of the computerized system at the operational, functional, technological and regulatory level.

Today we want to focus on the importance of considering the user requirements that guarantee the integrity of the data (audit trail, security, data storage, etc.) in the acquisition of new software in addition to those requirements that are functional.

Consider regulatory user requirements when purchasing new software

It is a common situation for many companies that not all of their automated systems comply with technical standards that ensure compliance with GxP unless they update or replace certain systems.

Ensuring that the new software will allow us to operate legally and in accordance with the GxP requires 3 key steps.

Analyze and establish regulatory user requirements

At Oqotech, we generate a report of user requirements through the VSM workshop – Value Stream Mapping of Value Flow Mapping. For the case at hand, this analysis of user requirements allows us to know what features technology should include ensuring that the data is complete (control systems that ensure data integrity).

For each industry, it is advisable to analyze the current regulation, although some of those software requirements may be:

Validation of systems to guarantee accuracy, reliability and the ability to detect invalid or altered records.
The ability to generate accurate and complete copies of records in both legible and electronic formats.
Protection of records to allow their accurate and rapid recovery throughout the record retention period.
Limit access to the system to authorized persons.
Use of operational system checks to enforce the allowed sequence of steps and events.
Use of authority checks to ensure that only authorized persons can use the system, electronically sign a record, access the operation or input device or exit the computer system, alter a record or perform the operation in question.
Use of device controls to determine the validity of the data entry source.
Use of appropriate controls on the documentation of the systems.

Select a supplier and tool that incorporates the required technical characteristics

Once we know all the user requirements, we must select the tool that meets those requirements. The new software must allow ensuring traceability and security throughout the life cycle of the data.

This is a process that requires dedication and search of supplier and product that fits as much as possible to all user requirements.

Ensure internally that it will operate in compliance

Software vendors can sell systems designed and built for companies so that the customer – who knows the specific use and purpose for which they are going to use it – can operate them in a manner compatible with the regulations. However, only from the company (either internally or with the help of a specialized team of consultants), you can ensure that it will operate in compliance.

For example, certain software can provide the functionality of an audit trail. However, even if the system incorporates it, the company may choose not to activate it. Or it may happen that the audit trail is activated but not readable for people, or that only captures a fraction of the operations, or that the amount of data from the audit trail is so voluminous that it becomes unmanageable. Situations that can lead companies not to operate according to GxP despite having new technology.

Therefore, it is essential to have a specialized team that knows the current regulatory framework and can advise on the purchase of new software on what the regulatory user requirements are, it the software also solves that need (in addition to operational and functional needs) and if the organization is being used appropriately.

Our team of expert consultants can help you select the appropriate systems and suppliers, facilitating validation and compliance with the regulation of each sector. You can send us your questions through our Contact form.

[short_blog_EN_zoho]

GxP requirements to be considered in new software

Consider regulatory user requirements when purchasing new software

Analyze and establish regulatory user requirements

Select a supplier and tool that incorporates the required technical characteristics

Ensure internally that it will operate in compliance

Related posts

The CAPA system or management of corrective and preventive actions

OQOTECH is certified to ISO 9001:2015 and ISO 14001:2015 norms

Life cycle of computerized systems associated with manufacturing management in the pharmaceutical sector.

The CAPA system or management of corrective and preventive actions

OQOTECH is certified to ISO 9001:2015 and ISO 14001:2015 norms

Life cycle of computerized systems associated with manufacturing management in the pharmaceutical sector.