Robots with boxes in a manufacturing plant

The future of software validation in pharmaceutical, life sciences & medical device manufacturing organizations

28 jul, 2022

50% of business leaders say the cost and time involved with regulatory compliance has increased. How can you reduce the amount of effort involved to keep your products safe and your business profitable?

Achieving compliance using modern software tools

Companies working in life sciences manufacture pharmaceutical products or medical devices that are subject to a series of legal requirements, some of which are particularly onerous. These not only have an impact on the processes to be supported by the application system and the required functionality, but they also affect implementation and system operation.

HSO helps regulated manufacturers drive increased process efficiencies, prepare for and support rapid growth, and drive valuation while maintaining FDA CFR 21 part 11 and part 211, EMA Annex 11, and other country-specific regulatory compliance. With our experienced implementation and consulting team, you gain an ERP partner who understands the complex operational, manufacturing, and compliance challenges that life science and medical device organizations face. With that in mind, HSO works with a team of software validation experts to ensure that the highest quality processes are set up and maintained for our clients.

We recently met with Stefan Staub, a Partner with DHC Consulting. DHC has been established for approximately 25 years, and specializes in working alongside pharmaceutical, life sciences and medical device manufacturing companies to help them obtain system validation and compliance. These industries tend to be heavily regulated, so DHC is often called in to provide IT infrastructure qualification, data integrity and electronic records and electronic signature assessments and implementation.

So what happens if an organization finds themselves to be non-compliant?

“If your systems or processes they support are not safe, it could lead to incorrect product compositions. This will have an impact on product quality, but eventually it could even lead to the death of patients. You can easily imagine what the impact would be if a company received that news. It’s not only a struggle with regulatory bodies, but also litigation and loss of brand. It could land you in serious trouble.”

Different countries have different regulations. Is there a consistent approach to ensure companies are compliant with the validation process of the countries they’re operating in?

“Regulations are different from country to country, but these are mainly governmental organizations, and they aim to make sure that medicines and medical devices are effective and safe to use. So the objectives behind those requirements are always safe. Country regulations often stipulate those computerized systems must be validated. That’s why ensure that our client’s software and their computerized systems are being implemented, validated and then maintained in that validated state throughout the system lifecycle.”

What are the typical steps involved?

“I think it’s important to note that not all computer systems need to be validated or become compliant. For instance, if a system is for finance, it may have an impact on the health of the management team, but certainly not on the customers. However, if a computer system manufactures products that will potentially have an impact on quality and patient safety, then validation will be required. Also, each country has their own different set of regulations.

The first step is to carry out an assessment and build a foundation to work from, not forgetting to ensure any gaps are filled in. You need to prove that the system is consistently doing what it’s supposed to do, and the documentational evidence proves that it does it reliably – that’s what validation is all about.”

So, if you’re buying products or ingredients or formulations, and manufacturing a product, that’s where the quality side comes into play. Are these areas that would need to be validated?

“Absolutely yes. Once you know that the system falls under that regulation, you need to further break it down. For instance, if you are reviewing an ERP system, it falls into finance and distribution, you might also have manufacturing, planning and execution and so on. So you need to start to define your requirements and write functional specifications of how these requirements were implemented. Then you need to carry out stringent testing to prove that the system is consistently doing what it is supposed to be doing and supply documentation providing the evidence that it carries this out reliably.”

Are there any specific tools within the Microsoft solution that are an aid to producing documentation?

“The Task Recorder facility in Dynamics 365 allows you to define your SOPs in a video format that can be played back. Traditionally, most of the validation process involved printing off paper and signing it, but nowadays, especially with the latest GAMP guide, enabling innovation to assist in the validation process is key. It’s the motivation that the industry should be applying as you can now record tests and use this as evidence. You should double check that your country regulations allow this type of evidence.

I encourage companies to start using the modern innovative tools available to them in their ERP systems, as this will speed up the process, reduce errors and establish firm traceability rather than use old methods i.e. spreadsheets and manual processes.”

"I encourage companies to start using the modern innovative tools available to them in their ERP systems, as this will speed up the process, reduce errors and establish firm traceability"

Stefan Staub Partner with DHC Consulting

Has the move to the cloud made any difference to the way you’re having to validate solutions?

“All major ERP providers have now got a cloud ERP offering. When you’re selecting a cloud-based ERP system, you must make a very conscious decision and look to your provider to check closely if you can rely on their documentation. If you make a bad choice, you’ll get locked in.

I really must emphasize the importance of selecting the right software vendor and the best IT service provider.”

What is the effort that a company can expect to go through to achieve validation?

“If you have a proper, quality approach to your system implementation, like gathering requirements, a good IT practice, and so on, then achieving system validation should be no big effort. I think the biggest differentiator to good IT practice is actually that you have control over the release management . You need to have the history in place.”

Finally, are there any trends that you are seeing that you think are going to change the nature of how validation is achieved in say, the next five years?

“Yes, as manufacturing ERP business systems play a big part in the industry today, we are always seeing a constant evolution, technologies change, methods change and so on. Today’s modern software tools remove much of the traditional burden on achieving validation, reducing the time needed for change control.

The future of validation is even more streamlined. That’s because self-validating software is now a possibility. The cloud is the norm instead of the exception, which means more frequent releases, and companies will be able to automatically validate with no involvement from the user.

Using a more risk-based approach, companies will be able to focus validation on the areas of greatest risk to the business and stay current with the latest software tools.”

HSO for Life Science

Discover more

Learn more about HSO for Life Science and how we’re helping life science companies like yours to bring safe, compliant and effective products to market.

Contact us

Door gebruik te maken van dit formulier gaat u akkoord met de opslag en verwerking van de door u verstrekte gegevens, zoals aangegeven in ons privacybeleid. U kunt zich op elk moment afmelden voor verzonden berichten. Lees ons privacybeleid voor meer informatie over hoe u zich kunt afmelden, onze privacypraktijken en hoe we ons inzetten om uw privacy te beschermen en te respecteren.