Calibration, preventative maintenance, Asset Management in Bio-Med Applications. How to comply the FDA validation and Part 11 requirements? computer software for calibration/PM and asset management processes.
To learn about more details, please check out this article.
https://www.qualcy.com/blog/calibration-management-software-asset-management/
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
Calibration/PM and Asset Management in Bio-Med Applications
1. Simple and Effective Solution
for Equipment Calibration, PM
and OOT for ISO and FDA
Requirements Qualcy Systems Inc.
5755 Oberlin Drive, Ste # 301
San Diego, CA 92121
Ph: 1-800-921-7505
Email: info@qualcy.com
copyright@2015 Qualcy Systems Inc.
Calibration/PM and Asset
Management in Bio-Med
Applications
2. Two Key Objectives for CAL/PM Software in Bio-Med
Applications
• The computer software should be easy to use and automate manual transactions and
calculations involved in the calibration/PM and asset management processes.
• The computer software shall comply the FDA validation and Part 11 requirements
3. Part- I (Basic Process Requirements)
• Equipment Selection and Qualification
• Equipment design and selection shall be appropriate for the process requirements.
(Defined through the process validation)
• Equipment shall be properly installed (confirmed through IQ)
• Functionality of Equipment shall match the process requirements (confirmed through OQ
and PQ)
• The equipment shall be properly maintained (PMs, Repairs)
• Establish and maintain schedules for PM/Inspections. The inspections, including the date
and individual(s) conducting the inspections, shall be documented
• Maintenance activities, including the date and individual(s) performing the maintenance
activities, shall be documented
4. Part- I (Basic Process Requirements)
• The equipment shall be calibrated in regular intervals
• Establish and maintain procedures to ensure that equipment is routinely calibrated,
inspected, checked, and maintained.
• Calibration procedures shall include specific directions and limits for accuracy and
precision
• When accuracy and precision limits are not met, there shall be provisions for remedial
action to reestablish the limits and to evaluate whether there was any adverse effect on
the device's quality. These activities shall be documented.
• Calibration standards used for inspection, measuring, and test equipment shall be
traceable to national or international standards
• Calibration Records:
• The equipment identification, calibration dates, the individual performing each
calibration, and the next calibration date shall be documented
5. Compliance Requirements for CFR 820.70
• g) Equipment. Each manufacturer shall ensure that all equipment used in the manufacturing process
meets specified requirements and is appropriately designed, constructed, placed, and installed to
facilitate maintenance, adjustment, cleaning, and use.
• (1) Maintenance schedule. Each manufacturer shall establish and maintain schedules for the adjustment,
cleaning, and other maintenance of equipment to ensure that manufacturing specifications are met.
Maintenance activities, including the date and individual(s) performing the maintenance activities, shall
be documented.
• (2) Inspection. Each manufacturer shall conduct periodic inspections in accordance with established
procedures to ensure adherence to applicable equipment maintenance schedules. The inspections,
including the date and individual(s) conducting the inspections, shall be documented.
• (3) Adjustment. Each manufacturer shall ensure that any inherent limitations or allowable tolerances are
visibly posted on or near equipment requiring periodic adjustments or are readily available to personnel
performing these adjustments.
copyright@2015 Qualcy Systems Inc.
Sec. 820.70 Production and process controls.
6. FDA Requirement for 21 CFR 820.72
copyright@2015 Qualcy Systems Inc.
Sec. 820.72 Inspection, measuring, and test equipment.
(a) Control of inspection, measuring, and test equipment. Each manufacturer shall ensure that all inspection, measuring, and
test equipment, including mechanical, automated, or electronic inspection and test equipment, is suitable for its intended
purposes and is capable of producing valid results. Each manufacturer shall establish and maintain procedures to ensure
that equipment is routinely calibrated, inspected, checked, and maintained. The procedures shall include provisions for
handling, preservation, and storage of equipment, so that its accuracy and fitness for use are maintained. These activities
shall be documented.
(b) Calibration. Calibration procedures shall include specific directions and limits for accuracy and precision. When accuracy
and precision limits are not met, there shall be provisions for remedial action to reestablish the limits and to evaluate
whether there was any adverse effect on the device's quality. These activities shall be documented.
(1) Calibration standards. Calibration standards used for inspection, measuring, and test equipment shall be traceable to
national or international standards. If national or international standards are not practical or available, the manufacturer
shall use an independent reproducible standard. If no applicable standard exists, the manufacturer shall establish and
maintain an in-house standard.
(2) Calibration records. The equipment identification, calibration dates, the individual performing each calibration, and the
next calibration date shall be documented. These records shall be displayed on or near each piece of equipment or shall be
readily available to the personnel using such equipment and to the individuals responsible for calibrating the equipment.
7. Part -II
How to comply the FDA validation and Part 11 requirements?
8. General Guidance for Computer Software
Validation(CSV) and Part11 compliance
• Part11 Compliance Requirement:
• When records in electronics format is maintained to comply with any of the provisions of the Current Good
Manufacturing Practice regulations (21 CFR Part 211), the Quality System regulation (21 CFR Part 820), and the
Good Laboratory Practice for Nonclinical Laboratory Studies regulations (21 CFR Part 58)
• FDA Guidance on Validation:
• Establishing documented evidence which provides a high degree of assurance that a Computer System will
consistently produce results that meet its predetermined specification and quality attributes
9. General Guidance for Computer Software
Validation(CSV) and Part11 compliance
• Closed systems
• The systems and applications in which the user access and permissions are controlled.
Examples include- Windows applications or web based applications where UserID and
PW are required to log in and access information and changes are controlled.
• Closed systems are recommended and preferred for compliance with 21 CFR Part11
requirements.
• Open Systems
• The systems and applications where the user access is not controlled. The open systems
allows users to access and change data and underlying programs. Examples include –
Unix O.S, Open Excel spreadsheets.
10. General Guidance for Computer Software
Validation(CSV) and Part11 compliance
• Computer systems should be validated depending upon the risk assessment results to meet the
predicate rule requirements
• Computer systems shall provide audit trails (§ 11.10 (e), (k)(2) and any corresponding
requirement in §11.30).
• Persons must still comply with all applicable predicate rule requirements related to
documentation of, for example, date (e.g., § 58.130(e)), time, or sequencing of events, as well as
any requirements for ensuring that changes to records do not obscure previous entries
• Computer systems should be able to print or export records into .pdf, XML and other formats.
• Protection and retention of electronics records over the life cycle of the records
11. High Risk Part 11 requirements
• Limiting system access to authorized individuals
• Use of operational system checks
• Use of authority checks
• Use of device checks
• Determination that persons who develop, maintain, or use electronic systems have the education,
training, and experience to perform their assigned tasks
• Establishment of and adherence to written policies that hold individuals accountable for actions
initiated under their electronic signatures
• Appropriate controls over systems documentation
• Controls for open systems corresponding to controls for closed systems bulleted above (§11.30)
• Requirements related to electronic signatures (e.g., §§ 11.50, 11.70, 11.100, 11.200, and 11.300)
12. 21CFR Part 11 Requirements - Regulatory/Compliance Requirements
URS No. Description of the Requirement System Design/(Features and Solutions)
URS-7.9.1 21 CFR Part 11.10(b): All electronic records can be printed and/or viewed on the screen. These
electronic records can be copied to removable media and/or transferred over a network.
Application Design, Data base and File System/ (All records can be printed in .pdf
format, the search and query data can be exported to Excel)
URS-7.9.2
21 CFR Part 11.10(c): A retention period(s) shall be defined for all electronic records. These
electronic records shall be protected from loss and alteration over the retention period(s). The
user shall be able to retrieve these electronic records in a reasonable time over this retention
period(s).
Offline SOP/WI for data back up and disaster recovery, Training System and
Records/(the retention period is documented in the license agreement, automated
data back up )
URS-7.9.3
21 CFR Part 11.10(d): The system shall use logical security to control access to the system such
that user needs to use user ID and password granted by the system to log on to the system.
User Management/
(Each user is assigned unique ID by the system. Both ID and PW are required for
log in to the system. The user has option to change password)
URS-7.9.4
21 CFR Part 11.10(e): The system shall employ a computer-generated audit trail to independently
record the date, time and user ID when electronic records are created, modified, or deleted.
Application Design, Data base and File System/ (All changes are tracked with time
stamp and UserID when any changes are made to electronics records)
URS-7.9.5
21 CFR Part 11.10(e): Upon making a change to an electronic record, information from previous
version of the record shall be available for retrieval (i.e., not obscured by the change).
Application Design, Data base and File System/ (entire history of changes are
available in the audit trail, with time stamp and userId)
URS-7.9.6
21 CFR Part 11.10(e): The audit trail shall always be on. The audit trail shall be protected from
modification. The user shall be able to retrieve the audit trail at any time throughout the record’s
retention period for review or copying.
Application Design, Data base and File System/ (The audit trail is always on by
design, no option for tampering or changing the audit trail for any user. Any user
can access the audit trail anytime)
URS-7.9.7
21 CFR Part 11.10(f): The system shall enforce sequencing of steps and events of an operation
(e.g., Cal/PM record creation, review and approval of the Cal/PM records, OOT record creation,
Investigation of the OOT records, Review and approval of OOT records)
System Workflow design/ (the work flow is executed in steps- creation of record,
submit for review, reject/approval)
21 CFR Part 11.10(g): The system shall use authority checks to ensure only individuals with the
User Management/ ( option for assignment of roles- author, prj. Owner,
coordinator, approver, admin, The approvers have department description. Only
Admin role can create new users.)
13. URS No. Description of the Requirement System Design/(Features and Solutions)
URS-7.9.9
21 CFR Part 11.10(i): There shall be documentation (training records) to show that persons who
develop, maintain, or use electronic record systems have the education, training, and experience to
perform their assigned tasks
Offline -Training System and Records/(User training provided for users
including admin roles, the training records are provided)
URS-7.9.10
21 CFR Part 11.10(k)(1): There shall be adequate control of the distribution, access, and use of
documentation (e.g. SOP, work instruction, user manual) for the system’s operation and
maintenance.
System Documentation/ (SOP for system’s operation and SOP for
system maintenance and control)
URS-7.9.11
21 CFR Part 11.10(k)(2): If changes to system documentation are controlled in paper form, the
documentation shall have revision control and revision history. If changes to system
documentation are controlled in electronic form, the electronic system documentation shall have a
computer-generated audit trail that meets the requirements of 21 CFR Part 11.10(e).
System Documentation/(The changes for system documentation are
maintained in paper form)
URS-7.10.1
21 CFR Part 11.50(a): Every signed electronic record shall contain the following signature
manifestation information associated with the signing: 1) Printed full name of the signer, 2) Date
and time when the signature was executed, 3) Meaning of the signing (e.g. approval, authorship).
Work Flow and Audit Trail/(E-sign contains userID, PW and
reason/meaning)
URS-7.10.2
21 CFR Part 11.50(b): The signature manifestation information (i.e. printed full name of the
signer, date and time of the signing, and meaning of signing) shall be readily available for display
on the screen and printed out by every user.
Work Flow and Audit Trail/(The E-sign information can be printed into
.pdf document by any user)
URS-7.10.3
21 CFR Part 11.70: Electronic signatures executed to electronic records shall be linked to their
respective electronic records to ensure that the signature cannot be excised, copied or otherwise
transferred to falsify an electronic record.
Audit Trail/ (Esign are linked to respective records. The system does
not allow changes to E-sign or audit trails)
URS-7.10.4
21 CFR Part 11.70: The system shall maintain the link between the electronic signature and its
electronic record for the life of that record.
Esign and Audit Trail/ (Esign are linked to respective records. The
system does not allow changes to E-sign or Audit trails)
14. URS No. Description of the Requirement System Design/(Features and Solutions)
URS-7.10.5
21 CFR Part 11.100(a) & 11.300(a): Each electronic signature shall be made up of two
components: user ID and password. The user ID shall be unique such that no two or more
individuals having the same user ID. The password shall only be known to the individual user.
User Management/ (the E-sign contains userID, PW and reason/meaning. By
design system assigns unique userID. The userID can not be repeated )
URS-7.10.6
21 CFR Part 11.100(a) & 11.300(a): User IDs shall never be reused or reassigned even if a
user moves to a different position or leaves the company.
User Management/ (By design system assigns unique userID. The userID can
not be repeated )
URS-7.10.7
21 CFR Part 11.200(a)(1): Both signature components (i.e. user ID and password) have to be
executed at each time of signing.
Work Flow e-Signature/ (Both userID and PW are required for the execution of
UserID)
URS-7.10.8
21 CFR Part 11.200(a)(1)(i) & (a)(1)(ii): The system shall automatically log off after a period
of inactivity.
Application design/ (The system logs off after 30 min or set time for inactivity of
sessions)
URS-7.10.9
21 CFR Part 11.10(g): The system shall verify the user’s access level to ensure that only
authorized user can electronically sign a record.
Work Flow E-Signature/ (option for assignment of roles- author, prj. Owner,
coordinator, approver, admin. Only users with Approver role can review
and approve the records)
URS-7.10.10
21 CFR Part 11.300(b): The system shall periodically check, recall or revise user IDs and
passwords to prevent password aging.
60-day password change option/ (Built in password reset policy)
URS-7.10.11
21 CFR Part 11.300(d): The system shall have transaction safeguards to prevent
unauthorized use of passwords and/or identification codes, and to detect and report in an
immediate and urgent manner any attempts at their unauthorized use to the system security
unit, and as appropriate, to organizational management.
Application design/ Password reset after initial registration, account lock after 3
mis-attempts
15. Compliance with 21 CFR Part 11 requirements
• URS (user requirement specification) for each of the compliance requirements in the 21 CFR part
11.
• Assign unique URS No. for each of the 21 CFR Part 11 requirements
• SRS (system requirement specifications) for each of the URS
• Assign unique SRS numbers for the SRS
• Test cases to generate objective evidence that the system meets both URS and SRS requirements
• Assign unique Test case ID numbers for the test cases
• TM(Traceability Matrix) to provide objective evidence that the URS are linked to the Test Case IDs
• Review and approval of the documents for URS, SRS, TM
16. Compliance with 21 CFR Part 11 requirements
• Detailed SOP with screenshots for operation and control of the functions in the Qualcy Cal/PM
application
• Detailed SOP with screenshots for user access control and system administration function
• SOP for change control of systems documents
• SOP for data back up and disaster recovery
• Trainings for the users and system administrators
17. Compliance with 21 CFR Part 11 requirements
• IQ (Installation Qualification): IQ protocol and report is generated for the installation of supporting
applications, network settings, security and SSL settings.
• OQ(Operational Qualification): OQ protocol and report is generated based on the results of testing
of the functionalities and compliance requirements, including part11 requirements. Each testing
report and supporting data are attached to the OQ report.
• PQ(Performance Qualification): PQ protocol and report is generated by the users with
recommended scripts from Qualcy.
19. Contact Us
Qualcy Systems Inc.
5755 Oberlin Drive, Ste # 301
San Diego, CA 92121
Ph: 1-800-921-7505
Email: info@qualcy.com
For sample copies of URS, SRS, Trace Matrix or any questions regarding
Computer System Validation or Part 11 compliance, please call us or send
an email.