When it comes to safety systems, Qualified Persons in Pharmacovigilance (QPPV) must take into consideration the guidelines and legislation laid out by regulatory agencies. Computer systems used to manage safety data are subject to rigorous validation testing to determine if they are suitable to manage safety data in the clinical environment.
ANATOMY AND PHYSIOLOGY OF REPRODUCTIVE SYSTEM.pptx
What qppvs need to know about computer system validation for phv systems.
1. WHAT QPPVS NEED TO KNOW ABOUT COMPUTER SYSTEM VALIDATION FOR
PHV SYSTEMS
When it comes to safety systems, Qualified Persons in Pharmacovigilance (QPPV) must take into
consideration the guidelines and legislation laid out by regulatory agencies. Computer systems
used to manage safety data are subject to rigorous validation testing to determine if they are
suitable to manage safety data in the clinical environment.
Good Vigilance Practices (GVP) dictates that “there should be processes in place to keep
awareness of the valid technologies in their valid versions to keep the IT systems up-to-date
accordingly”. GVP Module VI addresses the need for a quality management system to ensure
compliance with standards and documentation including data collection, transfer and
management.
What questions should QPPVs be asking in terms of pharmacovigilance systems?
– Do you have documented evidence to prove your system works as expected?
– Are your systems developed, used and supported in a controlled manner?
– Are you in compliance with 21 CFR Part 11 and/or EU Annex 11 and other state/local regulations
such as data privacy laws?
– Have you performed a GVP risk assessment of your systems to tailor the validation effort in
accordance with GAMP 5?
– Are your systems validated according to industry and international standards?
Between 40-60% of software defects can be traced back to errors made during the
planning/requirements stage.
However, once a computer system is validated, it is important to maintain its validated status. This
implies having a robust change control process in place as well as periodic reviews of the
validation status.
2. If PhV systems are not maintained, QPPVs run the following risks:
– New vulnerabilities will no longer be collected, reported or analyzed
– Cyber attack on data integrity confidentiality
– Non-compliance with industry standards
– Critical findings during regulatory inspections
Solutions for Validating and Maintaining PhV Systems
ARITHMOS recommends either a strategic or maintenance approach to computer system
validation.
A strategic approach starts with a risk assessment and planning for the validation of a system
followed by project execution. On the other hand, a maintenance approach ensures systems are
always validated and in accordance with regulatory standards through periodic reviews and
change control management with an expert team.
ARITHMOS has an expert team of consultants who can provide strategic support for validation
projects as well as day-to-day support for maintenance, revision and verification activities
regarding the validation status of applications. To optimize the validation process, ARITHMOS
applies an approach based on pragmatic risk and efficacy assessment in order to focus on the
more critical areas of validation.
ARITHMOS can also provide consultancy for cloud-based PhV applications in the pharmaceutical
environment including an analysis of the impact of security issues. We have implemented an
Information Security Management System (ISMS) in compliance with ISO/IEC 27001:2013
international standard for the protection of information in the life sciences environment –
especially for organizations conducting clinical studies and managing various types of information
in different formats.