Friday Feature Focus – Digital Computer System Validation Platform
Computerized System Validation
Computerized system validation (CSV) is the documented process of assuring that a computerized system works as intended in a consistent manner. The validation process begins with the system requirements definition and continues until system retirement and in accordance with e-records regulatory retention rules.
The FDA requires the following types of software systems to be validated.
- Software used in the production of products under FDA regulation.
- Software used to implement an FDA-required Quality Management System.
- Software used as a Medical Device component, part, or accessory of a medical device, or a stand-alone Software as a Medical Device (SaMD).
Many Life Sciences organizations are still performing validation on paper but most agree that digitizing CSV would result in significant gains in efficiency and compliance. Digitizing computer system validation results in a reduction in labor hours spent developing documents, more consistency across documents, increased compliance with corporate and regulatory requirements, and increased transparency and traceability.
The concept of digitizing CSV isn’t new, but prior attempts have failed due to the lack of purpose-built digital CSV solutions. In the past, organizations attempted to use a variety of non-purpose built digital solutions such as document management and SDLC applications. Unfortunately, these applications proved insufficient to meet the needs of CSV and their adopters typically fall back to the process of printing to paper, walking around to obtain wet-signatures, scanning documents and uploading them into these old and antiquated document-based systems.
Digitizing Computer System Validation
Despite previous failed attempts, the Life Sciences industry is warming to the use of a new age of purpose-built Digital CSV solutions. ValidateMyApp.com uses a data-driven approach to CSV designed by industry experts with both compliance and efficiency gains in mind resulting in the higher assurance of accuracy, completeness, authenticity, and transparency of CSV data and processes. A true purpose-built digital CSV solution, ValidateMyApp.com includes the following essential capabilities.
- Requirements Management
- Artifact Versioning
- Template Library
Data Integrity Management
- Audit Log
- Action Log
- Process Workflow Designer
- Test Execution
- Deviation Management
Universal Platform Components
- Sharing & Permissions
- Email Engine
- Process Automation
- Dashboards & Reports
- Mobile Accessibility
- Multiple Environment
- External System Integration
With the Validation Manager, customers start their validation journey with step by step guidance beginning with a set of out of the box data-driven digital Computer System Validation (CSV) artifact and standard operating procedure (SOP) templates listed below. These templates are cloned into system artifacts and added to a validation suite where they are filled, reviewed, approved and versioned.
- Electronic Records and Signatures
- System Change Control
- Network Security
- Physical Security
- System Administration and Maintenance
- Business Continuity
- Disaster Recovery
- Periodic Review
- Risk Management
- Deviation Management
- System Retirement
- Record Retention
- User Requirements Specification
- Functional Requirements Specification
- Configuration Specification
- Design Specification
- Code Review
- Validation Plan
- Risk Assessment
- Change Impact Assessment
- Installation Qualification
- Operational Qualification
- Performance Qualification
- Requirements Trace Matrix
- Validation Summary Report
Data Integrity Management
The FDA summarizes its data integrity requirements for complete, consistent, and accurate data with the acronym “ALCOA” standing for Attributable, Legible, Contemporaneous, Original, and Accurate. ValidateMyApp was designed with ALCOA in mind delivering compliant audit trail, action logs, and workflow to ensure data integrity.
Audit Log and Action Logs
|Attributable||Who performed an action or made changes to a record and when.||ValidateMyApp logs changes to data, configuration, and actions performed.|
|Legible||All data recorded must be legible (readable) and permanent.||All data and metadata in ValidateMyApp are stored in a human-readable format.|
|Contemporaneous||Data, results, and measurements must be recorded at the time the work is performed.||ValidateMyApp audit logs include the date and time stamp of all changes as they occur. The audit log cannot be backdated.|
|Original||Source data/primary data must be preserved.||Data is entered directly into ValidateMyApp as the source.|
|Accurate||Data and records are free from errors, complete and truthful.||The combination of configurable workflow, acknowledgments, and business rules in ValidateMyApp ensure completeness and accuracy.|
Workflow Route Designer
Audit and Action logs play a significant role in complying with ALCOA however, Workflow Routing is another key component. The ValidateMyApp Workflow Route Designer provides an intuitive UI to configure workflow routes for various ValidateMyApp records.
Once configured, the system guides authorized users through the workflow process, sends email reminders, initiates validation rules, conditionally locks records from editing, and much more.
ValidateMyApp has plenty to offer when it comes to test management. IQ, OQ, and PQ protocols go through a pre-execution approval process. Once approved, the protocols may then be assigned to a test cycle for execution. Testers are then assigned and test execution can begin. During execution, testers can view instructions, record results, approve/fail the steps, upload files, and create deviations within the test management module.
Deviations can be routed to various stakeholders such as the product owner, quality representative, and developers for additional information and review. Once the deviation is ready to be fixed, it can be routed to the developer for resolution. Once resolved, the failed test is re-routed for test re-execution.
Once a test case has completed test execution successfully, it can be reviewed by the product owner and quality representation for final approval.
Test cases are fully traceable to specifications and requirements providing full transparency into the process and achievement of intended use.
A summary report is automatically generated including a list of all test cases included in the test cycle along with their execution status.
Universal Platform Components
When evaluating a SaaS CSV Solution it is important to ask about the base platform capabilities. Some SaaS providers include an underlying platform that includes a variety of additional applications and services regardless of your intended use. You can think of these as horizontal applications/services. ValidateMyApp is built on the Salesforce.com platform which includes the following out of the box applications/services. All ValidateMyApp customers receive these applications/services in addition to the ValidateMyApp core capabilities discussed above.
ValidateMyApp automatically enables certain authentication methods. These methods include passwords, cookies, and identity verification. In addition to these, you can enable and configure user authentication methods to best fit your organization’s needs. These methods include the following and more.
- Single Sign-On uses your existing single sign-on capability to simplify and standardize user authentication.
- Network-based security limits where users can log in from, and when they can log in.
- Two Factor Authentication
- Certificate-Based Authentication
Sharing & Permissions
Sharing and Permissions rules can be configured to share or restrict access to records in the system. A great example is defining sharing rules to segregate records for different divisions within a large organization.
With the email engine, customers can create reuseable email templates to be used in automated email notifications associated with processes, events, or changes to data.
Easily automate complex business processes without any code. Simply identify the process criteria and automatically update or create new records, emails, and tasks, or submit approval requests in a few simple declarative steps.
Dashboards & Reports
ValidateMyApp offers a powerful suite of reporting tools that work together to help you understand and act on your data.
- Build, filter, and share reports
- Visually display key metrics and trends in Dashboards
ValidateMyApp includes an enterprise-class mobile app. Simply download the app to gain instant access to your data without any additional setup.
Computer system validation lifecycle management requires multiple software environments to ensure that changes are not released into production before they are fully tested. ValidateMyApp includes multiple controlled environments in order to maintain a validated state.
- 1 Production Environment
- Multiple Test Environments
- Multiple Development Environments
Enterprise collaboration allows cross-functional subject matter experts to communicate on topics across and beyond their immediate team. The most common use of the ValidateMyApp Enterprise Collaboration functionality is to post comments and feedback on artifacts such as requirements, protocols and during test execution when questions arise. For more information refer to https://www.validatemyapp.com/2019/07/friday-feature-focus-enterprise-collaboration.
External System Integration
ValidateMyApp supports both inbound and outbound integration via SOAP APIs and REST APIs. In addition, a declarative rules-based UI is included providing configurable outbound integration to external systems that support REST API calls.
Want to learn more?
701 E Santa Clara Street Suite 42, Ventura CA 93003
(877) – 221-0767