Understand how to meet compliance requirements with a private cloud module.
So you’re thinking of buying a cloud-based serialization L4/L5 solution. You’ve read some marketing materials and maybe the idea of a shared network appeals, because you know another company who’s using that system. Before you write the purchase order, read on.
Who will validate your cloud-based serialization system?
Under the rules such as 21 CFR Part 11 and EU GMP Annex 11, YOU are responsible. You can use vendor tools, templates and widgets but no-one else can sign-off on the quality for you. Therefore, whenever the vendor system changes you need to react. You remain responsible for your own data quality so every change is a risk. Think about what risk assessment and validation burden you are prepared to accept, before you choose your vendor.
How often do you need to re-validate?
That depends on your tolerance for risk. Shared cloud, multi-tenant systems inherently change much more frequently than private cloud, single-tenant solutions. They have to adjust to continuous demands from all the companies using the shared system. If a change made by your shared cloud service provider could impact your business processes and data quality, you must conduct a risk assessment process. Colleagues tell us that running that process every week or two gets tedious. If there are major changes then you may need to fully re-validate some or all of your data connections more often than you’d like. Furthermore, on a shared cloud, this will not happen at a time of your choosing but will be driven by the vendor’s considerations.
Is there an easier way?
Private cloud solutions, like those provided by rfxcel, don’t have the same issues. We give you your own software instance, within our secure cloud environment. In our model, your validated system remains locked down until you decide you want to update it. You can roll multiple patches and updates into one change event, and schedule any IT resources you need well in advance. Private cloud architecture doesn’t mean you’re not linked to the outside world. We provide a cloud-based exchange server which is used by hundreds of entities. We routinely exchange data with all of the major system providers on a daily basis, so you’re not locked out of your CMOs or logistics partners, even if they made a different choice.
Data integrity means checking not assuming
Don’t forget that mistakes happen, even in validated systems. It may surprise you that some of our competitors don’t check data. They assume that what comes in is correct, and pass it on. We make over fifty checks on data fields to ensure that even if something goes wrong you’ll spot it before an error becomes an incident. The cost of a recall is usually more than a million dollars, so make sure you give yourself every chance of avoiding one caused by a serialisation error.
Contact us today to see how rfxcel can help you to be compliant without unseen validation burdens and data quality risks.