Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Simple and Effective Solution
for Equipment Calibration, PM
and OOT for ISO and FDA
Requirements Qualcy Systems Inc.
5755 ...
Two Key Objectives for CAL/PM Software in Bio-Med
Applications
• The computer software should be easy to use and automate ...
Part- I (Basic Process Requirements)
• Equipment Selection and Qualification
• Equipment design and selection shall be app...
Part- I (Basic Process Requirements)
• The equipment shall be calibrated in regular intervals
• Establish and maintain pro...
Compliance Requirements for CFR 820.70
• g) Equipment. Each manufacturer shall ensure that all equipment used in the manuf...
FDA Requirement for 21 CFR 820.72
copyright@2015 Qualcy Systems Inc.
Sec. 820.72 Inspection, measuring, and test equipment...
Part -II
How to comply the FDA validation and Part 11 requirements?
General Guidance for Computer Software
Validation(CSV) and Part11 compliance
• Part11 Compliance Requirement:
• When recor...
General Guidance for Computer Software
Validation(CSV) and Part11 compliance
• Closed systems
• The systems and applicatio...
General Guidance for Computer Software
Validation(CSV) and Part11 compliance
• Computer systems should be validated depend...
High Risk Part 11 requirements
• Limiting system access to authorized individuals
• Use of operational system checks
• Use...
21CFR Part 11 Requirements - Regulatory/Compliance Requirements
URS No. Description of the Requirement System Design/(Feat...
URS No. Description of the Requirement System Design/(Features and Solutions)
URS-7.9.9
21 CFR Part 11.10(i): There shall ...
URS No. Description of the Requirement System Design/(Features and Solutions)
URS-7.10.5
21 CFR Part 11.100(a) & 11.300(a)...
Compliance with 21 CFR Part 11 requirements
• URS (user requirement specification) for each of the compliance requirements...
Compliance with 21 CFR Part 11 requirements
• Detailed SOP with screenshots for operation and control of the functions in ...
Compliance with 21 CFR Part 11 requirements
• IQ (Installation Qualification): IQ protocol and report is generated for the...
References
• https://www.fda.gov/downloads/regulatoryinformation/guidances/ucm125125.pdf
• https://www.accessdata.fda.gov/...
Contact Us
Qualcy Systems Inc.
5755 Oberlin Drive, Ste # 301
San Diego, CA 92121
Ph: 1-800-921-7505
Email: info@qualcy.com...
Upcoming SlideShare
Loading in …5
×

Calibration/PM and Asset Management in Bio-Med Applications

164 views

Published on

Calibration, preventative maintenance, Asset Management in Bio-Med Applications. How to comply the FDA validation and Part 11 requirements? computer software for calibration/PM and asset management processes.

To learn about more details, please check out this article.
https://www.qualcy.com/blog/calibration-management-software-asset-management/

Published in: Business
  • Be the first to comment

  • Be the first to like this

Calibration/PM and Asset Management in Bio-Med Applications

  1. 1. Simple and Effective Solution for Equipment Calibration, PM and OOT for ISO and FDA Requirements Qualcy Systems Inc. 5755 Oberlin Drive, Ste # 301 San Diego, CA 92121 Ph: 1-800-921-7505 Email: info@qualcy.com copyright@2015 Qualcy Systems Inc. Calibration/PM and Asset Management in Bio-Med Applications
  2. 2. Two Key Objectives for CAL/PM Software in Bio-Med Applications • The computer software should be easy to use and automate manual transactions and calculations involved in the calibration/PM and asset management processes. • The computer software shall comply the FDA validation and Part 11 requirements
  3. 3. Part- I (Basic Process Requirements) • Equipment Selection and Qualification • Equipment design and selection shall be appropriate for the process requirements. (Defined through the process validation) • Equipment shall be properly installed (confirmed through IQ) • Functionality of Equipment shall match the process requirements (confirmed through OQ and PQ) • The equipment shall be properly maintained (PMs, Repairs) • Establish and maintain schedules for PM/Inspections. The inspections, including the date and individual(s) conducting the inspections, shall be documented • Maintenance activities, including the date and individual(s) performing the maintenance activities, shall be documented
  4. 4. Part- I (Basic Process Requirements) • The equipment shall be calibrated in regular intervals • Establish and maintain procedures to ensure that equipment is routinely calibrated, inspected, checked, and maintained. • Calibration procedures shall include specific directions and limits for accuracy and precision • When accuracy and precision limits are not met, there shall be provisions for remedial action to reestablish the limits and to evaluate whether there was any adverse effect on the device's quality. These activities shall be documented. • Calibration standards used for inspection, measuring, and test equipment shall be traceable to national or international standards • Calibration Records: • The equipment identification, calibration dates, the individual performing each calibration, and the next calibration date shall be documented
  5. 5. Compliance Requirements for CFR 820.70 • g) Equipment. Each manufacturer shall ensure that all equipment used in the manufacturing process meets specified requirements and is appropriately designed, constructed, placed, and installed to facilitate maintenance, adjustment, cleaning, and use. • (1) Maintenance schedule. Each manufacturer shall establish and maintain schedules for the adjustment, cleaning, and other maintenance of equipment to ensure that manufacturing specifications are met. Maintenance activities, including the date and individual(s) performing the maintenance activities, shall be documented. • (2) Inspection. Each manufacturer shall conduct periodic inspections in accordance with established procedures to ensure adherence to applicable equipment maintenance schedules. The inspections, including the date and individual(s) conducting the inspections, shall be documented. • (3) Adjustment. Each manufacturer shall ensure that any inherent limitations or allowable tolerances are visibly posted on or near equipment requiring periodic adjustments or are readily available to personnel performing these adjustments. copyright@2015 Qualcy Systems Inc. Sec. 820.70 Production and process controls.
  6. 6. FDA Requirement for 21 CFR 820.72 copyright@2015 Qualcy Systems Inc. Sec. 820.72 Inspection, measuring, and test equipment. (a) Control of inspection, measuring, and test equipment. Each manufacturer shall ensure that all inspection, measuring, and test equipment, including mechanical, automated, or electronic inspection and test equipment, is suitable for its intended purposes and is capable of producing valid results. Each manufacturer shall establish and maintain procedures to ensure that equipment is routinely calibrated, inspected, checked, and maintained. The procedures shall include provisions for handling, preservation, and storage of equipment, so that its accuracy and fitness for use are maintained. These activities shall be documented. (b) Calibration. Calibration procedures shall include specific directions and limits for accuracy and precision. When accuracy and precision limits are not met, there shall be provisions for remedial action to reestablish the limits and to evaluate whether there was any adverse effect on the device's quality. These activities shall be documented. (1) Calibration standards. Calibration standards used for inspection, measuring, and test equipment shall be traceable to national or international standards. If national or international standards are not practical or available, the manufacturer shall use an independent reproducible standard. If no applicable standard exists, the manufacturer shall establish and maintain an in-house standard. (2) Calibration records. The equipment identification, calibration dates, the individual performing each calibration, and the next calibration date shall be documented. These records shall be displayed on or near each piece of equipment or shall be readily available to the personnel using such equipment and to the individuals responsible for calibrating the equipment.
  7. 7. Part -II How to comply the FDA validation and Part 11 requirements?
  8. 8. General Guidance for Computer Software Validation(CSV) and Part11 compliance • Part11 Compliance Requirement: • When records in electronics format is maintained to comply with any of the provisions of the Current Good Manufacturing Practice regulations (21 CFR Part 211), the Quality System regulation (21 CFR Part 820), and the Good Laboratory Practice for Nonclinical Laboratory Studies regulations (21 CFR Part 58) • FDA Guidance on Validation: • Establishing documented evidence which provides a high degree of assurance that a Computer System will consistently produce results that meet its predetermined specification and quality attributes
  9. 9. General Guidance for Computer Software Validation(CSV) and Part11 compliance • Closed systems • The systems and applications in which the user access and permissions are controlled. Examples include- Windows applications or web based applications where UserID and PW are required to log in and access information and changes are controlled. • Closed systems are recommended and preferred for compliance with 21 CFR Part11 requirements. • Open Systems • The systems and applications where the user access is not controlled. The open systems allows users to access and change data and underlying programs. Examples include – Unix O.S, Open Excel spreadsheets.
  10. 10. General Guidance for Computer Software Validation(CSV) and Part11 compliance • Computer systems should be validated depending upon the risk assessment results to meet the predicate rule requirements • Computer systems shall provide audit trails (§ 11.10 (e), (k)(2) and any corresponding requirement in §11.30). • Persons must still comply with all applicable predicate rule requirements related to documentation of, for example, date (e.g., § 58.130(e)), time, or sequencing of events, as well as any requirements for ensuring that changes to records do not obscure previous entries • Computer systems should be able to print or export records into .pdf, XML and other formats. • Protection and retention of electronics records over the life cycle of the records
  11. 11. High Risk Part 11 requirements • Limiting system access to authorized individuals • Use of operational system checks • Use of authority checks • Use of device checks • Determination that persons who develop, maintain, or use electronic systems have the education, training, and experience to perform their assigned tasks • Establishment of and adherence to written policies that hold individuals accountable for actions initiated under their electronic signatures • Appropriate controls over systems documentation • Controls for open systems corresponding to controls for closed systems bulleted above (§11.30) • Requirements related to electronic signatures (e.g., §§ 11.50, 11.70, 11.100, 11.200, and 11.300)
  12. 12. 21CFR Part 11 Requirements - Regulatory/Compliance Requirements URS No. Description of the Requirement System Design/(Features and Solutions) URS-7.9.1 21 CFR Part 11.10(b): All electronic records can be printed and/or viewed on the screen. These electronic records can be copied to removable media and/or transferred over a network. Application Design, Data base and File System/ (All records can be printed in .pdf format, the search and query data can be exported to Excel) URS-7.9.2 21 CFR Part 11.10(c): A retention period(s) shall be defined for all electronic records. These electronic records shall be protected from loss and alteration over the retention period(s). The user shall be able to retrieve these electronic records in a reasonable time over this retention period(s). Offline SOP/WI for data back up and disaster recovery, Training System and Records/(the retention period is documented in the license agreement, automated data back up ) URS-7.9.3 21 CFR Part 11.10(d): The system shall use logical security to control access to the system such that user needs to use user ID and password granted by the system to log on to the system. User Management/ (Each user is assigned unique ID by the system. Both ID and PW are required for log in to the system. The user has option to change password) URS-7.9.4 21 CFR Part 11.10(e): The system shall employ a computer-generated audit trail to independently record the date, time and user ID when electronic records are created, modified, or deleted. Application Design, Data base and File System/ (All changes are tracked with time stamp and UserID when any changes are made to electronics records) URS-7.9.5 21 CFR Part 11.10(e): Upon making a change to an electronic record, information from previous version of the record shall be available for retrieval (i.e., not obscured by the change). Application Design, Data base and File System/ (entire history of changes are available in the audit trail, with time stamp and userId) URS-7.9.6 21 CFR Part 11.10(e): The audit trail shall always be on. The audit trail shall be protected from modification. The user shall be able to retrieve the audit trail at any time throughout the record’s retention period for review or copying. Application Design, Data base and File System/ (The audit trail is always on by design, no option for tampering or changing the audit trail for any user. Any user can access the audit trail anytime) URS-7.9.7 21 CFR Part 11.10(f): The system shall enforce sequencing of steps and events of an operation (e.g., Cal/PM record creation, review and approval of the Cal/PM records, OOT record creation, Investigation of the OOT records, Review and approval of OOT records) System Workflow design/ (the work flow is executed in steps- creation of record, submit for review, reject/approval) 21 CFR Part 11.10(g): The system shall use authority checks to ensure only individuals with the User Management/ ( option for assignment of roles- author, prj. Owner, coordinator, approver, admin, The approvers have department description. Only Admin role can create new users.)
  13. 13. URS No. Description of the Requirement System Design/(Features and Solutions) URS-7.9.9 21 CFR Part 11.10(i): There shall be documentation (training records) to show that persons who develop, maintain, or use electronic record systems have the education, training, and experience to perform their assigned tasks Offline -Training System and Records/(User training provided for users including admin roles, the training records are provided) URS-7.9.10 21 CFR Part 11.10(k)(1): There shall be adequate control of the distribution, access, and use of documentation (e.g. SOP, work instruction, user manual) for the system’s operation and maintenance. System Documentation/ (SOP for system’s operation and SOP for system maintenance and control) URS-7.9.11 21 CFR Part 11.10(k)(2): If changes to system documentation are controlled in paper form, the documentation shall have revision control and revision history. If changes to system documentation are controlled in electronic form, the electronic system documentation shall have a computer-generated audit trail that meets the requirements of 21 CFR Part 11.10(e). System Documentation/(The changes for system documentation are maintained in paper form) URS-7.10.1 21 CFR Part 11.50(a): Every signed electronic record shall contain the following signature manifestation information associated with the signing: 1) Printed full name of the signer, 2) Date and time when the signature was executed, 3) Meaning of the signing (e.g. approval, authorship). Work Flow and Audit Trail/(E-sign contains userID, PW and reason/meaning) URS-7.10.2 21 CFR Part 11.50(b): The signature manifestation information (i.e. printed full name of the signer, date and time of the signing, and meaning of signing) shall be readily available for display on the screen and printed out by every user. Work Flow and Audit Trail/(The E-sign information can be printed into .pdf document by any user) URS-7.10.3 21 CFR Part 11.70: Electronic signatures executed to electronic records shall be linked to their respective electronic records to ensure that the signature cannot be excised, copied or otherwise transferred to falsify an electronic record. Audit Trail/ (Esign are linked to respective records. The system does not allow changes to E-sign or audit trails) URS-7.10.4 21 CFR Part 11.70: The system shall maintain the link between the electronic signature and its electronic record for the life of that record. Esign and Audit Trail/ (Esign are linked to respective records. The system does not allow changes to E-sign or Audit trails)
  14. 14. URS No. Description of the Requirement System Design/(Features and Solutions) URS-7.10.5 21 CFR Part 11.100(a) & 11.300(a): Each electronic signature shall be made up of two components: user ID and password. The user ID shall be unique such that no two or more individuals having the same user ID. The password shall only be known to the individual user. User Management/ (the E-sign contains userID, PW and reason/meaning. By design system assigns unique userID. The userID can not be repeated ) URS-7.10.6 21 CFR Part 11.100(a) & 11.300(a): User IDs shall never be reused or reassigned even if a user moves to a different position or leaves the company. User Management/ (By design system assigns unique userID. The userID can not be repeated ) URS-7.10.7 21 CFR Part 11.200(a)(1): Both signature components (i.e. user ID and password) have to be executed at each time of signing. Work Flow e-Signature/ (Both userID and PW are required for the execution of UserID) URS-7.10.8 21 CFR Part 11.200(a)(1)(i) & (a)(1)(ii): The system shall automatically log off after a period of inactivity. Application design/ (The system logs off after 30 min or set time for inactivity of sessions) URS-7.10.9 21 CFR Part 11.10(g): The system shall verify the user’s access level to ensure that only authorized user can electronically sign a record. Work Flow E-Signature/ (option for assignment of roles- author, prj. Owner, coordinator, approver, admin. Only users with Approver role can review and approve the records) URS-7.10.10 21 CFR Part 11.300(b): The system shall periodically check, recall or revise user IDs and passwords to prevent password aging. 60-day password change option/ (Built in password reset policy) URS-7.10.11 21 CFR Part 11.300(d): The system shall have transaction safeguards to prevent unauthorized use of passwords and/or identification codes, and to detect and report in an immediate and urgent manner any attempts at their unauthorized use to the system security unit, and as appropriate, to organizational management. Application design/ Password reset after initial registration, account lock after 3 mis-attempts
  15. 15. Compliance with 21 CFR Part 11 requirements • URS (user requirement specification) for each of the compliance requirements in the 21 CFR part 11. • Assign unique URS No. for each of the 21 CFR Part 11 requirements • SRS (system requirement specifications) for each of the URS • Assign unique SRS numbers for the SRS • Test cases to generate objective evidence that the system meets both URS and SRS requirements • Assign unique Test case ID numbers for the test cases • TM(Traceability Matrix) to provide objective evidence that the URS are linked to the Test Case IDs • Review and approval of the documents for URS, SRS, TM
  16. 16. Compliance with 21 CFR Part 11 requirements • Detailed SOP with screenshots for operation and control of the functions in the Qualcy Cal/PM application • Detailed SOP with screenshots for user access control and system administration function • SOP for change control of systems documents • SOP for data back up and disaster recovery • Trainings for the users and system administrators
  17. 17. Compliance with 21 CFR Part 11 requirements • IQ (Installation Qualification): IQ protocol and report is generated for the installation of supporting applications, network settings, security and SSL settings. • OQ(Operational Qualification): OQ protocol and report is generated based on the results of testing of the functionalities and compliance requirements, including part11 requirements. Each testing report and supporting data are attached to the OQ report. • PQ(Performance Qualification): PQ protocol and report is generated by the users with recommended scripts from Qualcy.
  18. 18. References • https://www.fda.gov/downloads/regulatoryinformation/guidances/ucm125125.pdf • https://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfcfr/CFRSearch.cfm?CFRPart=11
  19. 19. Contact Us Qualcy Systems Inc. 5755 Oberlin Drive, Ste # 301 San Diego, CA 92121 Ph: 1-800-921-7505 Email: info@qualcy.com For sample copies of URS, SRS, Trace Matrix or any questions regarding Computer System Validation or Part 11 compliance, please call us or send an email.

×