Why is Computer System Validation Important in FDA Regulated Industries?

Why is Computer System Validation Important in FDA Regulated Industries?

Asking why ComputerSystem Validation (CSV) is important in FDA-regulated industries is like asking why an engine is important to a vehicle.

Before going on to get an understanding of this issue, let us understand that there is a difference between the ways in which the term “validation” is used in the general area of computers and that used in FDA-related circles. In the field of computer science, the term means the ability of software to meet its stated requirements. For the FDA, validation of a computer system incorporates all activities that go into a computer system and these should be documented and made available to the FDA. We could use the word “verification” to associate the same meaning and understanding of what “validation” means to the FDA.

All-encompassing term

The critical importance of computer system validation in FDA regulated industries can be learned from at least two perspectives:

1.    When a company is carrying out systematic CSV; it nips potential serious problems in the bud by preventing software problems from reaching production stages and environments. When a problem in a Life Science software application reaches the production environment, this can lead to serious adverse consequences. On the one side, there is the human element of getting the CSV validation wrong, which can result in serious product consequences, which can be disastrous to the patient’s health; on the other, businesses that get their CSV wrong can also face anything from lawsuits and heavy penalties to having to shut shop permanently. Long drawn out court cases can result in serious problems including bankruptcy.

2.    FDA’s regulations requiring companies to carry out systematic CSV have the effect of law, which means that companies that come under the ambit of the FDA are legally bound to follow the guidelines set out by FDA's regulations. When companies fail during an FDA audit; it can invite inspectional observations (“483s”) and warning letters.

The most important element of CSV that companies need to bear in mind is that they need to get their validation right alright; they also need to get it right stage by stage. Some companies have tried the short cut method of overlooking or circumventing a step or two. While this may give them short term savings; their long term costs are far higher than these savings.

References:

http://www.stsv.com/pdfs/STS_CSV_article.pdf
http://www.fda.gov/medicaldevices/deviceregulationandguidance/guidancedocuments/ucm085281.htm

Thanks & Best Regards,
John Robinson
GlobalCompliancePanel
161 Mission Falls Lane, Suite 216, Fremont, CA 94539, USA.
Web: www.globalcompliancepanel.com
Email: john.robinson@globalcompliancepanel.com

The ISO 13485:2003 Standard has quality management systems at its heart

The ISO 13485:2003 Standard has quality management systems at its heart



The ISO 13485:2003 Standard relates to quality management systems in the field of Medical Devices. Its requirements ISO 13485:2003 specifically relate to organizations that are in the business of medical devices, no matter what its size or type. At its core, ISO 13485:2003 is all about quality management systems in medical devices.

This standard specifies requirements for a quality management system. Accordingly, it requires an organization to demonstrate the ability to produce medical devices and related services that have to consistently meet both –a) customer requirements and b) regulatory requirements –that are applicable to the file of medical devices and related services.

Harmonization at the core

It thus becomes clear that quality management systems, which are the means to ensuring these requirements, constitute the heart of ISO 13485:2003. This Standard’s essential objective is to foster and bring about harmonization among medical device regulatory requirements for meeting quality management systems. This Standard superseded the earlier version, the ISO 9001. It did away with some of the requirements of that Standard.


When a medical device company deals with medical devices it may not manufacture; it is its responsibility to ensure that processes applicable to the medical device(s) required by ISO 13485:2003, are accounted for in the organization's quality management system.

In a nutshell, these are some of the requirements set out from Part 4 of ISO 13485:2003 onwards, the Part at which quality requirements begin:

4.1: Establish a quality system for medical devices;

4.2: Document your medical device quality system;

5.1: Support Quality;

5.2: Focus on customers;

5.3: Establish a Quality Policy;

5.4: Perform Quality Planning;

5.5: Control your Quality Management System;

5.6: Carry out management reviews;

6.1: Provide quality resources;

6.2: Provide Quality personnel;

6.3: Provide quality infrastructure;

6.4: Provide quality environment

8.2: Monitor and measure quality;

8.3: Control your nonconforming products;

8.5: Take required remedial actions


References:
http://www.iso.org/iso/catalogue_detail?csnumber=36786
http://www.praxiom.com/iso-13485.htm


John Robinson
GlobalCompliancePanel
161 Mission Falls Lane, Suite 216, Fremont, CA 94539, USA.
Web: www.globalcompliancepanel.com
Email: john.robinson@globalcompliancepanel.com