21 CFR Part 11 compliance requirements for software validation and SaaS/Cloud

Software as a Service, SaaS, is a way by which applications are delivered over the Net. It provides Software as a Service using just the Internet, and hence the name. SaaS applications are known by varied names. On-demand software, hosted software, and web-based software are some of these.

Where SaaS differs as a method of delivering applications is that there is no need to install and maintain software at or from the client’s location. All that is needed to access all these is an Internet connection. The provider can run SaaS applications on his own servers. With the provider taking over the responsibility of managing all aspects of the application, such as making it available and secure, and also for its performance; the client is spared the hassle of having to manage unfamiliar and often complex software and hardware.

Given this novelty and ease of its application; SaaS has grown into a huge market. Its US market was estimated at just over $ 10 billion in 2011. In the next couple of years, the global SaaS market is set to grow to around $ 120 billion. Experts put its speculated CAGR at between 18 and 24 percent and expect SaaS to make up more than one fifth of all software services by 2019.

Now, the difficult part of SaaS

All these bright spots about SaaS notwithstanding; it comes with a few hiccups. Given its nature, most SaaS providers outsource their resources to cut costs. This makes them very vulnerable, since most regulations, such as 21 CFR Part 11, apply only to the provider, and give little by way of safeguards to the vendor. With very less vigilance and scrutiny on the vendor; the onus of ensuring compliance for both infrastructure qualification and Computer System Validation lies with the regulated company, for it is they who have to show compliance with the regulations and prevent issues relating to availability, performance and protection of data.  In other words, while the actual work of SaaS is carried on by the vendor; it is the client who has to ensure compliance with regulations arising out of 21 CFR Part 11.

Since on paper it is the regulated provider to whom all the regulations apply; it becomes the target of FDA inspections on software validation. They have to show compliance with these regulations set out in 21 CFR Part 11 and other regulations such as Annex 11 if they have to avoid FDA actions such as Warning Letters and 483’s. There is thus a major need for regulated companies, software vendors and SaaS/cloud providers to show compliance with 21 CFR Part 11. This is the only way to avoid legal and other issues associated with noncompliance.

The ways of staying compliant

This is what a two-day seminar that is being organized by GlobalCompliancePanel, a highly regarded provider of professional trainings for the regulatory industries, will offer. This seminar will explain in-depth how regulated companies, software vendors and SaaS or cloud providers can ensure compliance and safeguard and enhance their reputation as trustworthy providers

David Nettleton, who is an industry leader, author, and teacher for 21 CFR Part 11, Annex 11, HIPAA, software validation, and Computer System Validation, will be the Director of this seminar.

Please register for this webinar by visiting 21 CFR Part 11 compliance requirements for software validation and .... This seminar has been pre-approved by RAPS as eligible for up to 12 credits towards a participant’s RAC recertification upon full completion.

An explanation of proven techniques

Over the two days of learning at this seminar, David will demonstrate proven techniques for cutting costs associated with the implementation, usage, and maintenance of computer systems in regulated environments. In doing this, David will address the latest computer system industry standards for data security, data transfer, audit trails, electronic records and signatures, software validation, and Computer System Validation.

With the FDA performing both GxP and Part 11 inspections; the EMA has released an updated Annex 11 regulation that expands Part 11 requirements. Companies must update their systems and processes to maintain compliance. This aspect will be explained at this seminar. The Director will offer participants an understanding of the specific requirements associated with local and SaaS/cloud hosting solutions.

Validation in several specialized areas

The regulatory agencies require almost every computerized system used in laboratory, clinical, manufacturing settings and in the quality process to be validated. David will show the ways by which they can do this while decreasing software implementation time and lowering costs using a 10-step risk-based approach to Computer System Validation. He will review recent FDA inspection trends and discuss how to streamline document authoring, revision, review, and approval.

This seminar is of high value to anyone who uses computer systems to perform their job functions in the regulatory, clinical and IT areas of health care, clinical trial, biopharmaceutical, and medical device sectors. Software vendors, auditors and quality staff involved in GxP applications will also derive high value from this seminar.

NetZealous LLC DBA GlobalCompliancePanel Media Partner with SocialMediaPortal:

Global News and Information Directory