The latest computer system industry standards for data [security]

Minimize the validation documentation to reduce costs without increasing regulatory or business risk.

Many companies are outsourcing IT resources and getting involved with Software as a Service (SaaS) and cloud computing. These vendors are not regulated and therefore regulated companies must ensure compliance for both infrastructure qualification and computer system validation. It is the regulated company that wants to avoid FDA form 483s and warning letters. The seminar is intended for regulated companies, software vendors, and SaaS/Cloud providers.

The instructor addresses the latest computer system industry standards for data security, data transfer, audit trails, electronic records and signatures, software validation, and computer system validation.

security

Today the FDA performs both GxP and Part 11 inspections, the Europeans have released an updated Annex 11 regulation that expands Part 11 requirements and companies must update their systems and processes to maintain compliance.

This seminar will help you understand the specific requirements associated with local and SaaS/cloud hosting solutions.

Nearly every computerized system used in laboratory, clinical, manufacturing settings and in the quality process has to be validated.

Participants learn how to decrease software implementation times and lower costs using a 10-step risk-based approach to computer system validation.

Finally, the instructor reviews recent FDA inspection trends and discusses how to streamline document authoring, revision, review, and approval.

Objectives of the Compliant with Part 11:

  • Understand what is expected in 21 CFR Part 11 and Annex 11 inspections
  • Avoid 483 and Warning Letters
  • Learn how to buy COTS software and qualify vendors.
  • Implement a computer system using risk-based validation to gain maximum productivity and reduce cost by as much as two thirds
  • Requirements for local, SaaS, and cloud hosting
  • How to select resources and manage validation projects
  • “Right size” change control methods that allows quick and safe system evolution
  • Minimize the validation documentation to reduce costs without increasing regulatory or business risk
  • Write test cases that trace to elements of risk management
  • Protect intellectual property and keep electronic records safe

21 CFR Part 11/Annex 11 – Compliance for Electronic Records and Signatures:

  • What Part 11 means to you, not just what it says in the regulations
  • Avoid 483 and Warning Letters
  • Explore the three primary areas of Part 11 compliance: SOPs, software product features, and validation documentation
  • How SaaS/cloud computing changes qualification and validation
  • Ensure data integrity, security, and protect intellectual property
  • Understand the current computer system industry standards for security, data transfer, and audit trails
  • Electronic signatures, digital pens, and biometric signatures
  • SOPs required for the IT infrastructure
  • Product features to look for when purchasing COTS software
  • Reduce validation resources by using easy to understand fill-in-the-blank validation documents

Read more at http://bit.ly/2CVLELD_SaaS_Cloud

A to Z’s of HIPAA Privacy, Security, and Breach Notification Rules

Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them.

It is designed to provide intensive, two-day training in HIPAA compliance, including what’s new in the regulations, what’s changed recently, and what needs to be addressed for compliance by covered entities and business associates.

It provides the background and details for any manager of healthcare information privacy and security to know what are the most important privacy and security issues, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate.

Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided.

Benefits from this Rules:

  • Information Security Officers
  • Risk Managers
  • Compliance Officers
  • Privacy Officers
  • Health Information Managers
  • Information Technology Managers
  • Medical Office Managers
  • Chief Financial Officers
  • Systems Managers
  • Legal Counsel
  • Operations Directors

HIPAA Privacy Rule Principles, Policies and Procedures

  • Patient Rights under HIPAA
  • Limitations on Uses and Disclosures
  • Required Policies and Procedures
  • Training and Documentation Requirements

Recent and Proposed Changes to the HIPAA Rules

  • New Penalty Structure
  • New HIPAA Audit Program
  • New Patient Rights
  • New Obligations for Business Associates

Go through here for detailed rules

Developing Documents and Records to meet the Requirement of ISO 17025

The major challenge for most laboratories is having to develop and implement a functional Quality Management System (QMS) that not only complies with the management and technical requirements of the ISO/IEC 17025:2005 standard, but also meets the laboratory’s needs. This is why QMS is considered the soul of the ISO/IEC 17025:2005 standard.

A highly meaningful and valuable learning session on how to accomplish this is being organized by GlobalCompliancePanel, a leading provider of professional trainings for the areas of regulatory compliance. The Director at this two-day seminar is Michael Brodsky, President of Brodsky Consultants and a Past President of the Ontario Food Protection Association (OFPA), The International Association for Food Protection (IAFP) and AOAC International. To enroll for this seminar, please log on to

http://www.globalcompliancepanel.com/control/globalseminars/~product_id=900445SEMINAR?developing-documents-records-SFO. This seminar has been pre-approved by RAPS as eligible for up to 12 credits towards a participant’s RAC recertification upon full completion.

Compliance with ISO is a core requirement

A QMS that complies with the management and technical requirements of the ISO/IEC 17025:2005 standard is the core criterion for accreditation, as well as the backbone of this standard. Michael will familiarize participants with how with how laboratories can accomplish this in depth.

quality-management-system

The Quality System Manual (QMS) is indispensable in a QMS environment because, much like its predecessor –Good Laboratory Practice (GLP) –it contains the policies that the laboratory is expected to follow to achieve Quality results. However, it is only the “what to do” component of a QMS. What laboratories also need are the “how to do it” or procedures and methods, and equally importantly, the controls or evidence that it was done properly. These are the critical requirements that documentation has to address, and are what this seminar will cover.

Doesn’t end with accreditation

Achieving accreditation is only half the job done, because once this has been done, the tougher part –that of maintaining the QMS –begins. The high number of non-conformances cited during the subsequent biannual audits is proof of this fact. This seminar will explain how to maintain the QMS in the long run to the satisfaction of regulatory authorities, as well as to meet the laboratory’s needs.

Those in Laboratory Management/Supervision, Laboratory Quality Development, Laboratory Quality Management,  Laboratory Quality Control and Analytical support need to ask critical questions at the time of embarking on the process of developing documents and records that meet the requirements of ISO 17025, such as:

  • Why should we want to become accredited?
  • Where do we start?
  • If our laboratory is already accredited, how do we ensure staff adherence and ongoing compliance to minimize corrective actions arising from accreditation audits?

Michael will help participants at this seminar develop the critical thinking that is essential for developing documents and records in compliance with ISO 17025.

Get your HIPAA compliance right in six simple steps

The most important element that Covered Entities and Business Associates must keep in mind while carrying out HIPAA audits is best summarized in the words of Jocelyn Samuels, the top Federal official in charge of HIPAA enforcement. To quote her own words, Covered Entities and Business Associates must ensure compliance through “… a comprehensive and thorough approach to assessing and addressing the risks to all of the Protected Health Information (PHI) they maintain”.

hipaa-compliance

Although Risk Analysis is mandatory; HIPAA audits of 2012 showed that as many as four fifths of health care providers failed to comply with this mandatory requirement. Covered Entities and Business Associates are under severe pressure to do a HIPAA Risk Analysis of all the PHI’s they maintain. Most of this, they are expected to do on their own. This explains perhaps just why 80% of health care providers failed to do the Risk Analysis, a fact discovered by the HHS. In fact, the incidence of HIPAA violations has been increasing so steeply that 2015 was sardonically referred to in HIPAA circles as the “Year of the Breach”. This fact leads to the next important point: higher and greater number of government enforcement and private lawsuits.

Learn the ways of getting HIPAA compliance right in just six simple steps

The above facts make it absolutely imperative for Covered Entities and Business Associates to get every aspect of the HIPAA compliance right, in the manner suggested by Jocelyn Samuels. This is precisely what GlobalCompliancePanel, a highly renowned provider of professional trainings for all areas of regulatory compliance, will be imparting at a two-day, in person seminar. To enroll for his event, just visit

http://www.globalcompliancepanel.com/control/globalseminars/~product_id=900616SEMINAR?master-HIPAA-compliance-six-steps-San-Diego.

The Director of this highly meaningful and valuable seminar is the well-known expert on HIPAA compliance, Paul Hales. Paul’s credentials get augmented by the fact that he has, with a team of expert advisors and practical field testers, created a method of making all HIPAA regulations accessible to the everyday person. Paul’s method explains all the aspects of HIPAA in uncomplicated and simple language and carries the exact citations to each regulation. This method is directed at organizations’ legal counsel who may not be well versed or experienced in HIPAA, and will be a major part of this seminar.

hippa

Major benefits by learning from the expert

Organizations that are required to carry out HIPAA audits will gain enormously from this seminar. It will help them to save money, time, and research. Paul will discuss how Business Associates and Covered Entities can grow their practice and be compliant. His method will serve as the very foundation on which organization can implement their HIPAA Compliance Program. Most importantly, he will teach how they can grow what is most valuable to their business: Their patients. Paul’s HIPAA compliance method, which consists of six easy steps, will create a level of quality to the advice that the legal counsel provides.

He will take participants of this seminar through a Risk Analysis for their organization and will also delve into the Privacy, Breach, and Security Rules as applicable to their particular organization.

Understanding the calibration curve

To get an understanding of instrument calibration, we can think of it as being an essential phase in most measurement procedures. The calibration curve is a set of operations with which the relationship between the outputs of the measurement system (for example, the response of an instrument) and the accepted values of the calibration standards (for instance, the amount of analyte it has) can be established. Understanding the calibration curve is important because this is required in a large number of analytical methods.

How to go about a calibration curve?

At its most basic form, understanding the calibration curve has to begin with the preparation of a group of standards which contain a known amount of the analyte of interest. In this, the instrument response for each standard has to be measured. In addition, the relationship between the instrument response and analyte concentration has to be established. This relationship is then used to transform measurements made on test samples into estimates of the amount of analyte present.

The calibration process

In understanding the calibration curve, we have to know that a number of stages go into calibrating an analytical instrument. This is how a logical sequence of steps would look:

  • Planning of the experiments;
  • Making the relevant measurements;
  • Plotting the results;
  • Carrying out regression analysis on the data, which will help obtain the calibration function;
  • Assessing the results of this regression analysis;
  • Using the calibration function to estimate the values of the test samples;
  • Evaluating the ambiguity of the values obtained

References:

http://www.nmschembio.org.uk/dm_documents/lgcvam2003032_xsjgl.pdf

Contact Detail
GlobalCompliancePanel
webinars@globalcompliancepanel.com
http://www.globalcompliancepanel.com
Phone:800-447-9407
Fax:302-288-6884
43337 Livermore Common | Fremont| CA | USA | 94539

Technical file vs design dossier

One of the important points that a medical device professional encounters is this: the technical file vs design dossier. The reason for the confusion about these two is that there are different names of the same concept and vary according to the class of device and the Notified Body that approves it. This is what has given rise to the technical file vs design dossier.

Depends on class of device

At a basic level, there is a difference between the two: the medical device manufacturer must have technical documentation for each device. Called the conformity assessment annex of the MDD, IVD and AIMD directives; this is a basic requirement of these regulatory bodies and statues. The important element of the technical file vs design dossier aspect is that the terminology technical file/design dossier sometimes varies depending on whom the directive has come from, and the annex in which it is placed. This is why there is some confusion on this technical file vs design dossier matter.

The two terms are interrelated

The following description should give a perspective: by the term “technical file” is meant the description of the documentation that demonstrates the ways by which the device complies with essential requirements. Among these devices, some devices require a design examination. The Technical Construction File (TCF) of such devices is called a design dossier. This explains the fundamentals of the technical file vs design dossier debate.

Depends on the Notified Body

To recap, the technical file, which the MDD refers to as “technical documentation”, is a bunch of documents that the medical device manufacturer has to put in place and furnish to their Notified Body for assessment. This is to show that the medical device conforms to the Essential Requirements of the directive. While this much is clear, some Notified Bodies require different methods of documentation for certain class of medical devices. These are to be presented as a design dossier. This is what has given rise to some confusion about the technical file vs design dossier issue.

Reference:

http://www.tuvamerica.com/tuvnews/newsletters/searchdetail.cfm?ID=552

http://elsmar.com/Forums/showthread.php?t=28968

Contact Detail
GlobalCompliancePanel
webinars@globalcompliancepanel.com
http://www.globalcompliancepanel.com
Phone:800-447-9407
Fax:302-288-6884
43337 Livermore Common | Fremont| CA | USA | 94539

Supplier quality audit training

Most medical device companies have auditors that assess the quality of the product from the supplier. This is the supplier quality audit. Supplier quality audit training is the training that is needed to be qualified to assess the quality of a product from the supplier. Auditors, regardless of whether they are from inside the organization or are external; have a need for this kind of training.

What are the attributes of an effective supplier quality audit training?

For a supplier quality audit training to be effective, it has to ideally combine theoretical and practical aspects of supplier quality audit. Auditing staff that undergo training must ideally be made to carry out a number of assignments in the area of regulatory compliance relating to supplier quality audit. This will give them enough knowledge of how the course aspects of supplier quality audit training work in real life.

What types of audits can supplier quality audit training help an auditor perform?

When proper supplier quality audit training is imparted, auditors in the organization or outside can perform the following types of audits:

  • New supplier audits
  • Existing supplier audits
  • Time cycled audits
  • Internal audits
  • Audits specific to a task or cause

Areas of supplier audits

There are specific areas that supplier audits work in. The aim of supplier quality audit training is to identify these and help auditors carry the audits out in their respective areas:

  • Regulatory
  • Quality
  • Operations
  • Business
  • The supplier audit process

Effective supplier quality audit training will help auditors carry out two important types of audit:

  • Top-down, which is an ISO-type of audit that is concerned with recordkeeping and Quality System documentation
  • Bottom up, a style of audit in which specific quality deficiencies are identified and rectified. This is usually referred to as the FDA type.

References:

http://www.nixonpeabody.com/files/Supplier_Quality_Mailhot.pdf

 

Contact Detail
GlobalCompliancePanel
webinars@globalcompliancepanel.com
http://www.globalcompliancepanel.com
Phone:800-447-9407
Fax:302-288-6884
43337 Livermore Common | Fremont| CA | USA | 94539