| Username | Post: Vendor Requirements? |
|---|---|
|
PaulS Member Posts 177 |
07-08-08 06:08 PM - Post#4809
Hi Dee You make an interesting statement that your product meets 21 CFR Part 11 compliance? I think you must mean that it has the potential to be used in a 21 CFR Part 11 compliant manner. I say this because the first stipulation for 21 CFR Part 11 is that the system is validated. This is done at the end users site on the end users hardware and is the end user's responsibility. As the vendor you are not really responsible for any of the validation (life science validation) which the regulators will audit. You are responsible for creating software that has been created using Good Software Development Practices(GSDP). This includes such things as using change / version control, structured programming, comments and functions that work. Also you must specifying the minimal hardware requirements. The development must be carried out and managed by qualified and / or experienced software engineering teams. Adhering to recognised programming standards, such as ISO and TickIT, and QMS systems are all part of the concept. All of the above, and more, can make up a "vendor audit" which potential customers should carryout before engaging a software vendor. This is an excellent space to discuss what the software industry calls "validation". You see in the life science industry we use the term slightly differently. Although there are very striking similarities there are also large differences. The main difference is who is doing what. The software industry often creates software that they think people will need and use. I guess that some market reasearch has been done, but doubt if there is a formal URS as at this point there is no customer. This means creating a PQ out of the box is nigh on impossible. Unless an end user is working closely with the vendor to develope a novell piece of software never the twain shall meet. Also the development of the code is not done on the end users hardware. Thus we are really talking about life science system validation. As you can appreciate there is no such thing as life science software validation. Because it must run on hardware and that becomes a system. Each end user installation and network will be different. Thus software vendors can't really sell pre-validated software (in terms of life science validation). What you can do is sell a quality, well tested, piece of software which has undergone the software industry verification and validation process. At this point it is not end user system validated. The regulators put the responsibility for sourcing, installing, configuring and using systems in the lap of end users. End users may deploy vendors to participate in this endeavour but end users still carry the responsibility. It is end user responsibility to use a system which is suitable for its intended purpose. My aim is to bring this jargon and misunderstanding to the fore so that we in the life science industry can leverage software industry validation work against our effort to perform end user system validation (life science industry validation). The hardware platforms are a key factor in differentiating one from the other. If your validation package is creating IQ/OQ/PQ protocols in consultation with end users this an excellent way to validate the system. Hope this gives your organisation some food for thought. Regards PaulS |