The latest computer system industry standards for data [security]

Minimize the validation documentation to reduce costs without increasing regulatory or business risk.

Many companies are outsourcing IT resources and getting involved with Software as a Service (SaaS) and cloud computing. These vendors are not regulated and therefore regulated companies must ensure compliance for both infrastructure qualification and computer system validation. It is the regulated company that wants to avoid FDA form 483s and warning letters. The seminar is intended for regulated companies, software vendors, and SaaS/Cloud providers.

The instructor addresses the latest computer system industry standards for data security, data transfer, audit trails, electronic records and signatures, software validation, and computer system validation.

security

Today the FDA performs both GxP and Part 11 inspections, the Europeans have released an updated Annex 11 regulation that expands Part 11 requirements and companies must update their systems and processes to maintain compliance.

This seminar will help you understand the specific requirements associated with local and SaaS/cloud hosting solutions.

Nearly every computerized system used in laboratory, clinical, manufacturing settings and in the quality process has to be validated.

Participants learn how to decrease software implementation times and lower costs using a 10-step risk-based approach to computer system validation.

Finally, the instructor reviews recent FDA inspection trends and discusses how to streamline document authoring, revision, review, and approval.

Objectives of the Compliant with Part 11:

  • Understand what is expected in 21 CFR Part 11 and Annex 11 inspections
  • Avoid 483 and Warning Letters
  • Learn how to buy COTS software and qualify vendors.
  • Implement a computer system using risk-based validation to gain maximum productivity and reduce cost by as much as two thirds
  • Requirements for local, SaaS, and cloud hosting
  • How to select resources and manage validation projects
  • “Right size” change control methods that allows quick and safe system evolution
  • Minimize the validation documentation to reduce costs without increasing regulatory or business risk
  • Write test cases that trace to elements of risk management
  • Protect intellectual property and keep electronic records safe

21 CFR Part 11/Annex 11 – Compliance for Electronic Records and Signatures:

  • What Part 11 means to you, not just what it says in the regulations
  • Avoid 483 and Warning Letters
  • Explore the three primary areas of Part 11 compliance: SOPs, software product features, and validation documentation
  • How SaaS/cloud computing changes qualification and validation
  • Ensure data integrity, security, and protect intellectual property
  • Understand the current computer system industry standards for security, data transfer, and audit trails
  • Electronic signatures, digital pens, and biometric signatures
  • SOPs required for the IT infrastructure
  • Product features to look for when purchasing COTS software
  • Reduce validation resources by using easy to understand fill-in-the-blank validation documents

Read more at http://bit.ly/2CVLELD_SaaS_Cloud

A to Z’s of HIPAA Privacy, Security, and Breach Notification Rules

Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them.

It is designed to provide intensive, two-day training in HIPAA compliance, including what’s new in the regulations, what’s changed recently, and what needs to be addressed for compliance by covered entities and business associates.

It provides the background and details for any manager of healthcare information privacy and security to know what are the most important privacy and security issues, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate.

Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided.

Benefits from this Rules:

  • Information Security Officers
  • Risk Managers
  • Compliance Officers
  • Privacy Officers
  • Health Information Managers
  • Information Technology Managers
  • Medical Office Managers
  • Chief Financial Officers
  • Systems Managers
  • Legal Counsel
  • Operations Directors

HIPAA Privacy Rule Principles, Policies and Procedures

  • Patient Rights under HIPAA
  • Limitations on Uses and Disclosures
  • Required Policies and Procedures
  • Training and Documentation Requirements

Recent and Proposed Changes to the HIPAA Rules

  • New Penalty Structure
  • New HIPAA Audit Program
  • New Patient Rights
  • New Obligations for Business Associates

Go through here for detailed rules

Developing Documents and Records to meet the Requirement of ISO 17025

The major challenge for most laboratories is having to develop and implement a functional Quality Management System (QMS) that not only complies with the management and technical requirements of the ISO/IEC 17025:2005 standard, but also meets the laboratory’s needs. This is why QMS is considered the soul of the ISO/IEC 17025:2005 standard.

A highly meaningful and valuable learning session on how to accomplish this is being organized by GlobalCompliancePanel, a leading provider of professional trainings for the areas of regulatory compliance. The Director at this two-day seminar is Michael Brodsky, President of Brodsky Consultants and a Past President of the Ontario Food Protection Association (OFPA), The International Association for Food Protection (IAFP) and AOAC International. To enroll for this seminar, please log on to

http://www.globalcompliancepanel.com/control/globalseminars/~product_id=900445SEMINAR?developing-documents-records-SFO. This seminar has been pre-approved by RAPS as eligible for up to 12 credits towards a participant’s RAC recertification upon full completion.

Compliance with ISO is a core requirement

A QMS that complies with the management and technical requirements of the ISO/IEC 17025:2005 standard is the core criterion for accreditation, as well as the backbone of this standard. Michael will familiarize participants with how with how laboratories can accomplish this in depth.

quality-management-system

The Quality System Manual (QMS) is indispensable in a QMS environment because, much like its predecessor –Good Laboratory Practice (GLP) –it contains the policies that the laboratory is expected to follow to achieve Quality results. However, it is only the “what to do” component of a QMS. What laboratories also need are the “how to do it” or procedures and methods, and equally importantly, the controls or evidence that it was done properly. These are the critical requirements that documentation has to address, and are what this seminar will cover.

Doesn’t end with accreditation

Achieving accreditation is only half the job done, because once this has been done, the tougher part –that of maintaining the QMS –begins. The high number of non-conformances cited during the subsequent biannual audits is proof of this fact. This seminar will explain how to maintain the QMS in the long run to the satisfaction of regulatory authorities, as well as to meet the laboratory’s needs.

Those in Laboratory Management/Supervision, Laboratory Quality Development, Laboratory Quality Management,  Laboratory Quality Control and Analytical support need to ask critical questions at the time of embarking on the process of developing documents and records that meet the requirements of ISO 17025, such as:

  • Why should we want to become accredited?
  • Where do we start?
  • If our laboratory is already accredited, how do we ensure staff adherence and ongoing compliance to minimize corrective actions arising from accreditation audits?

Michael will help participants at this seminar develop the critical thinking that is essential for developing documents and records in compliance with ISO 17025.

Get your HIPAA compliance right in six simple steps

The most important element that Covered Entities and Business Associates must keep in mind while carrying out HIPAA audits is best summarized in the words of Jocelyn Samuels, the top Federal official in charge of HIPAA enforcement. To quote her own words, Covered Entities and Business Associates must ensure compliance through “… a comprehensive and thorough approach to assessing and addressing the risks to all of the Protected Health Information (PHI) they maintain”.

hipaa-compliance

Although Risk Analysis is mandatory; HIPAA audits of 2012 showed that as many as four fifths of health care providers failed to comply with this mandatory requirement. Covered Entities and Business Associates are under severe pressure to do a HIPAA Risk Analysis of all the PHI’s they maintain. Most of this, they are expected to do on their own. This explains perhaps just why 80% of health care providers failed to do the Risk Analysis, a fact discovered by the HHS. In fact, the incidence of HIPAA violations has been increasing so steeply that 2015 was sardonically referred to in HIPAA circles as the “Year of the Breach”. This fact leads to the next important point: higher and greater number of government enforcement and private lawsuits.

Learn the ways of getting HIPAA compliance right in just six simple steps

The above facts make it absolutely imperative for Covered Entities and Business Associates to get every aspect of the HIPAA compliance right, in the manner suggested by Jocelyn Samuels. This is precisely what GlobalCompliancePanel, a highly renowned provider of professional trainings for all areas of regulatory compliance, will be imparting at a two-day, in person seminar. To enroll for his event, just visit

http://www.globalcompliancepanel.com/control/globalseminars/~product_id=900616SEMINAR?master-HIPAA-compliance-six-steps-San-Diego.

The Director of this highly meaningful and valuable seminar is the well-known expert on HIPAA compliance, Paul Hales. Paul’s credentials get augmented by the fact that he has, with a team of expert advisors and practical field testers, created a method of making all HIPAA regulations accessible to the everyday person. Paul’s method explains all the aspects of HIPAA in uncomplicated and simple language and carries the exact citations to each regulation. This method is directed at organizations’ legal counsel who may not be well versed or experienced in HIPAA, and will be a major part of this seminar.

hippa

Major benefits by learning from the expert

Organizations that are required to carry out HIPAA audits will gain enormously from this seminar. It will help them to save money, time, and research. Paul will discuss how Business Associates and Covered Entities can grow their practice and be compliant. His method will serve as the very foundation on which organization can implement their HIPAA Compliance Program. Most importantly, he will teach how they can grow what is most valuable to their business: Their patients. Paul’s HIPAA compliance method, which consists of six easy steps, will create a level of quality to the advice that the legal counsel provides.

He will take participants of this seminar through a Risk Analysis for their organization and will also delve into the Privacy, Breach, and Security Rules as applicable to their particular organization.

Understanding the calibration curve

To get an understanding of instrument calibration, we can think of it as being an essential phase in most measurement procedures. The calibration curve is a set of operations with which the relationship between the outputs of the measurement system (for example, the response of an instrument) and the accepted values of the calibration standards (for instance, the amount of analyte it has) can be established. Understanding the calibration curve is important because this is required in a large number of analytical methods.

How to go about a calibration curve?

At its most basic form, understanding the calibration curve has to begin with the preparation of a group of standards which contain a known amount of the analyte of interest. In this, the instrument response for each standard has to be measured. In addition, the relationship between the instrument response and analyte concentration has to be established. This relationship is then used to transform measurements made on test samples into estimates of the amount of analyte present.

The calibration process

In understanding the calibration curve, we have to know that a number of stages go into calibrating an analytical instrument. This is how a logical sequence of steps would look:

  • Planning of the experiments;
  • Making the relevant measurements;
  • Plotting the results;
  • Carrying out regression analysis on the data, which will help obtain the calibration function;
  • Assessing the results of this regression analysis;
  • Using the calibration function to estimate the values of the test samples;
  • Evaluating the ambiguity of the values obtained

References:

http://www.nmschembio.org.uk/dm_documents/lgcvam2003032_xsjgl.pdf

Contact Detail
GlobalCompliancePanel
webinars@globalcompliancepanel.com
http://www.globalcompliancepanel.com
Phone:800-447-9407
Fax:302-288-6884
43337 Livermore Common | Fremont| CA | USA | 94539

Technical file vs design dossier

One of the important points that a medical device professional encounters is this: the technical file vs design dossier. The reason for the confusion about these two is that there are different names of the same concept and vary according to the class of device and the Notified Body that approves it. This is what has given rise to the technical file vs design dossier.

Depends on class of device

At a basic level, there is a difference between the two: the medical device manufacturer must have technical documentation for each device. Called the conformity assessment annex of the MDD, IVD and AIMD directives; this is a basic requirement of these regulatory bodies and statues. The important element of the technical file vs design dossier aspect is that the terminology technical file/design dossier sometimes varies depending on whom the directive has come from, and the annex in which it is placed. This is why there is some confusion on this technical file vs design dossier matter.

The two terms are interrelated

The following description should give a perspective: by the term “technical file” is meant the description of the documentation that demonstrates the ways by which the device complies with essential requirements. Among these devices, some devices require a design examination. The Technical Construction File (TCF) of such devices is called a design dossier. This explains the fundamentals of the technical file vs design dossier debate.

Depends on the Notified Body

To recap, the technical file, which the MDD refers to as “technical documentation”, is a bunch of documents that the medical device manufacturer has to put in place and furnish to their Notified Body for assessment. This is to show that the medical device conforms to the Essential Requirements of the directive. While this much is clear, some Notified Bodies require different methods of documentation for certain class of medical devices. These are to be presented as a design dossier. This is what has given rise to some confusion about the technical file vs design dossier issue.

Reference:

http://www.tuvamerica.com/tuvnews/newsletters/searchdetail.cfm?ID=552

http://elsmar.com/Forums/showthread.php?t=28968

Contact Detail
GlobalCompliancePanel
webinars@globalcompliancepanel.com
http://www.globalcompliancepanel.com
Phone:800-447-9407
Fax:302-288-6884
43337 Livermore Common | Fremont| CA | USA | 94539

Supplier quality audit training

Most medical device companies have auditors that assess the quality of the product from the supplier. This is the supplier quality audit. Supplier quality audit training is the training that is needed to be qualified to assess the quality of a product from the supplier. Auditors, regardless of whether they are from inside the organization or are external; have a need for this kind of training.

What are the attributes of an effective supplier quality audit training?

For a supplier quality audit training to be effective, it has to ideally combine theoretical and practical aspects of supplier quality audit. Auditing staff that undergo training must ideally be made to carry out a number of assignments in the area of regulatory compliance relating to supplier quality audit. This will give them enough knowledge of how the course aspects of supplier quality audit training work in real life.

What types of audits can supplier quality audit training help an auditor perform?

When proper supplier quality audit training is imparted, auditors in the organization or outside can perform the following types of audits:

  • New supplier audits
  • Existing supplier audits
  • Time cycled audits
  • Internal audits
  • Audits specific to a task or cause

Areas of supplier audits

There are specific areas that supplier audits work in. The aim of supplier quality audit training is to identify these and help auditors carry the audits out in their respective areas:

  • Regulatory
  • Quality
  • Operations
  • Business
  • The supplier audit process

Effective supplier quality audit training will help auditors carry out two important types of audit:

  • Top-down, which is an ISO-type of audit that is concerned with recordkeeping and Quality System documentation
  • Bottom up, a style of audit in which specific quality deficiencies are identified and rectified. This is usually referred to as the FDA type.

References:

http://www.nixonpeabody.com/files/Supplier_Quality_Mailhot.pdf

 

Contact Detail
GlobalCompliancePanel
webinars@globalcompliancepanel.com
http://www.globalcompliancepanel.com
Phone:800-447-9407
Fax:302-288-6884
43337 Livermore Common | Fremont| CA | USA | 94539

Supplier qualification program

In the pharmaceutical and life sciences industries, a sound supplier qualification program is a must. It is an indispensable element of their very reputation. Many pharmaceutical organizations contract several of their manufacturing processes or even products to third parties. For this reason, the FDA considers the supplier as a logical extension of the manufacturer. In fact, it attaches so much importance to this area that it holds the pharmaceutical organization (the contracting company) responsible for the supplier’s behavior in relation to the manufacturer’s product

The FDA can inspect the supplier’s facility too

Since the supplier is considered a part of the manufacturer’s operations, the FDA reserves the right to inspect the supplier’s facility too, at the time of carrying out an inspection of the pharmaceutical organization. This being the importance of the supplier, it is imperative to chalk out an effective supplier qualification program that meets regulatory requirements.

Supplier evaluation

A supplier qualification program starts with supplier evaluation. Obviously, the supplier and his facilities have to be inspected according to predefined parameters. This will enable the pharmaceutical organization to clearly state the terms of the contract. The contract should ideally specify the conditions in which the pharmaceutical product is going to be made.

Key elements of a sound supplier qualification program

All the important aspects of a supplier qualification program have to be put in place, as should the kind and nature of control. There should be proper checking up of data that goes into the supplier qualification program. These are some of the aspects that need to be implemented:

  • Establishment and maintenance of data that clearly describe or reference the specified requirements, among which quality requirements are very important
  • Identification of the key elements of a strong, sustainable and successful supplier qualification program
  • Signing of terms of the contract and making written agreements of the same, in which all the conditions of work will be clearly specified and ensure that the supplier meets the quality requirements consistently
  • Ensuring that the supplier qualification program has processes that are important to quality. This should also define how conformance to manufacturer requirements will be monitored and verified.

Reference:

http://www.eventbrite.com/event/5766556927/eorg

Contact Detail
GlobalCompliancePanel
webinars@globalcompliancepanel.com
http://www.globalcompliancepanel.com
Phone:800-447-9407
Fax:302-288-6884
43337 Livermore Common | Fremont| CA | USA | 94539

Quality by Design (QBD) and analytical methods

Quality by Design (QBD) and analytical methods have come into focus because of an inherent limitation in the guideline used for validation of analytical methods. The International Conference on Harmonization (ICH)’s Q2 guideline, Validation of Analytical Procedures: Text and Methodology serves as the guiding document for validation of analytical methods for pharmaceutical products. Since the most common approach to method validation is a one-time affair, there is need for guidance on how to implement continuous and consistent method performance.

Methods fail to perform as required or intended in the receiving laboratory because there is always the absence of an effective process for capturing and transferring the knowledge of those involved in the development. With too much emphasis on validation of the methods to meet regulatory requirements, the focus on what to do to make the process work during actual application seemed to be lost. It is to address this bottleneck that Quality by Design (QBD) and analytical methods took shape.

How do Quality by Design (QBD) and analytical methods make a difference?

QBD, in being “a systematic approach to development that begins with predefined objectives and emphasizes product and process understanding based on sound science and quality risk management”; emphasizes the importance of having predefined objectives built into the development process. An analytical method, which is an analytical procedure that includes all steps in the procedure, constitutes an important step in the QBD lifecycle approach. Together, Quality by Design (QBD) and analytical methods become an important component of the three-stage process of method validation, which are:

  • Stage one, which relates to method design
  • Stage two, which relates to method qualification, and
  • Stage three, which is about continued method verification

 Reference:

http://www.pharmtech.com/pharmtech/article/articleDetail.jsp?id=791903

Contact Detail
GlobalCompliancePanel
webinars@globalcompliancepanel.com
http://www.globalcompliancepanel.com
Phone:800-447-9407
Fax:302-288-6884
43337 Livermore Common | Fremont| CA | USA | 94539

Process validation for medical devices

The FDA introduced the idea of process validation for medical devices with the idea of improving the quality of pharmaceuticals and medical devices. From its rudimentary form that was conceived in 1987, process validation for medical devices has undergone changes to accommodate more types of devices and more processes into the validation.

Why is process validation for medical devices necessary?

In simple terms, validation is the ability of a medical device to demonstrate that a procedure, process and activity will consistently lead to the expected results. For the FDA; process validation for medical devices is all about establishing documented evidence which will offer a high degree of assurance that a specific process will consistently produce a medical device product that meets its pre-determined specifications and quality characteristics.

Process validation for medical devices is a requirement of the current GMP regulations for medical devices, 21 CFR Part 820 and is applicable to the manufacture of medical devices.

Factors

A host of factors influences the quality of a product in medical device manufacturing. Some of these are:

  • Adequate product and process design
  • Control of the process
  • In-process and end-product testing
  • Selection of quality parts and materials

The guidelines published by the FDA provide a framework for medical device manufacturers to build a holistic approach to process validation for medical devices. This is broad in nature, since the particulars of process validation vary from one manufacturer to the other because of many factors, such as

  • The nature of the medical product (e.g., sterile vs. non-sterile)
  • The complexity of the process
  • The local regulatory requirements
  • The age of the product (e.g., new invention vs. similar to an existing product)

The FDA recommends that the manufacturer:

  1. Prepare a written validation protocol  which specifies:
    1. The procedures to be conducted and the data to be collected
    2.  Purpose of data collection
    3. A sufficient number of process repetition to demonstrate reproducibility
    4. An accurate measure of variations during repeated process runs
    5. The test conditions that include best case and worst case scenarios called as “most appropriate challenge” conditions
    6. Validation documentation requirements to include evidence of the suitability of materials and the performance and reliability of equipment and systems
    7. Monitor and document key process variables and analyze the data collected to establish:
      1. The variability of process parameters for individual runs
      2. Whether or not the equipment and process controls are adequate to assure that product specifications are met
      3. Utilize finished product test data and in-process test data to obtain quality attributes and in establishing variability
      4. Where finished (or in-process) testing cannot adequately measure certain attributes, process validation should utilize the details of each system in production and by document the observed results

Reference:

http://www.fda.gov/downloads/Drugs/…/Guidances/UCM070336.pdf

http://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/PostmarketRequirements/QualitySystemsRegulations/MedicalDeviceQualitySystemsManual/ucm122439.htm

Contact Detail
GlobalCompliancePanel
webinars@globalcompliancepanel.com
http://www.globalcompliancepanel.com
Phone:800-447-9407
Fax:302-288-6884
43337 Livermore Common | Fremont| CA | USA | 94539