July 21, 2022
Technology is evolving. Newly purchased IT systems these days are mainly cloud based, making on-premise servers (and associated costs) redundant, enabling easier upgrades, allowing faster deployments, easier modifications according to customer requirements and providing end-to-end solutions (hardware and software). Companies that operate under strict regulation, such as life sciences, food & beverages, cosmetics and tobacco have traditionally been slower on adopting new IT systems. This is now rapidly changing with these companies revolutionizing their IT landscape, adopting cloud-based solutions for managing their digital processes. However, while cloud technology is becoming widely used, the computer system validation approach has not been updated accordingly to support these technological changes.
Regulatory agencies are now catching up on technology, trying to bridge the gap between old regulation guidance (some written over 20 years ago) and recent technologies, adopting new approaches for computer system validation while embracing automation and risk-based approach as opposed to a “test it all” approach. In other words, testing every feature of a system in an ‘idiot proof’ test protocol is no longer recommended by regulatory agencies. Instead, companies should be taking a risk-based approach for identifying key elements which impact the intended use of the software that is being validated. Focusing verification efforts on items which possess higher risk will eventually lead to safer products and enhanced quality of the tested system, as the riskier items will be tested in a more comprehensive manner.
In the past year the FDA has stated in several occasions it will work intensely to update the current Computer System Validation to a risk-based approach and embracing a new approach - Computer System Assurance. In March 2019, Cisco Vicenty, CDRH Program Manager at the FDA said “The FDA supports and encourages the use of automation, information technology, and data solutions throughout the product life cycle in the design, manufacturing, service, and support of medical devices. Automated systems provide manufacturers advantages for reducing or eliminating errors, increasing business value, optimizing resources, and reducing patient risk. These capabilities provide significant benefits in enhancing product quality and safety”. The updated draft guidance is expected to be released in 2020. Other regulatory agencies are likely to follow.
About Validify
Validify Inc. is a Salesforce partner, an automated solution providing Salesforce risk analysis and Salesforce software assurance, generating all necessary verification and validation documents based on risk and other predefined, configurable parameters. Validify also provides a real-time status of your Salesforce compliance and identifies changes in your org automatically.
About the author
Ido Raz is a Co-Founder and CEO of Validify, a cloud technology and Salesforce enthusiast, former CTO of a Salesforce application company and PMP certified. With years of experience in Salesforce, design & delivery of compliance solutions for regulated industries.
Want to hear more or book a demo? Click here
