Aligning System Validation and Data Lifecycles

November 28, 2017


2017 ISPE Annual Meeting & Expo

One of the first education sessions at the recent 2017 ISPE Annual Meeting & Expo in San Diego, California, was “Aligning System Validation and Data Lifecycles,” held Sunday afternoon, 29 October, even before the opening keynote was delivered.

Leaders Lorrie Vuolo-Schuessler, Manager, Computer Systems Quality Assurance, GlaxoSmithKline, USA, and Charlie Wakeham, Regional Informatics CSV Consultant, Waters Corporation, Australia, led participants through a series of software assessment and validation exercises.

The leaders began by reviewing definitions of the three software types: chromatography data system (CDS), process control system (PCS), and customer interaction center system (CICS). They also introduced the facilitators that would assist each system group in the breakout sessions: Karen Ashworth, Director, Karen Ashworth Consulting Ltd., UK (PCS); Heather Longden, Senior Marketing Manager, Informatics and Regulatory Compliance Waters Corporation, USA (CDS); and Arthur Perez, PhD, (CICS).

Participants then broke into sections for a series of exercises:

  • Exercise 1: Initial system assessment
  • Exercise 2: Assessing system records
  • Exercise 3: Validating a system

In each exercise, participants were asked to discuss three scenarios in terms of each software system:

  • Consider the GxP impact of the system relative to patient safety, product quality, and data integrity
  • Consider whether the system is likely to be standard, configurable, or customized, and whether the software is simple or complex
  • Define the business process that the system is supporting and suggest other systems that may be involved in this business process
  • Define the main features and functions and interfaces for the system

As each session ended, participants regrouped to share their feedback and observations.

As the workshop drew to a close, leaders and facilitators reminded participants of the important questions that should be asked about any system: Does it have GxP impact? Which are the critical records? What data integrity risks are specific to the system, related to the critical records? What level of validation is needed?

Leaders also stressed that it’s important to scale the approach commensurate with the risks to product quality, patient safety, and data integrity. Records should be seen in the wider context of the data life cycle, and the system as a mechanism that supports the overall business process.

In closing, Lorrie Vuolo-Schuessler said, “To me, the computer system is only one part of the business process. You need to think outside the box, outside the computer system. It’s not an IT function to figure out the critical records and what the risks are. This is not a box-checking exercise. You need to know what the critical data is.

“How much validation is required?” she asked. “It depends. How complex is the system and the process that you’re supporting? That determines the level of validation needed.”

Don't miss the robust line-up of education sessions lining up for the 2018 ISPE Annual Meeting & Expo in Philadelphia, PA, USA.  Sign-up to receive notifications on early registration rates, keynote speaker announcements, special events, and more.