The implementation of good quality electronic systems is challenging. In most organizations, business processes are entrenched,
personnel are overworked, and financial resources are limited. Sometimes these organizations do not understand that aspects
of their electronic environment are out of compliance or even worse, may even not realize the need for compliance.
Today's networked, and web-enabled, biopharmaceutical environments demand data of the highest quality. Do not regard Good
Laboratory Practice (GLP), Good Clinical Practice (GCP), and Good Manufacturing Practice (GMP), collectively known as GxP-related
computer systems, as a collection of discrete technologies solely supported by individual validation packages and a few SOPs.
A company must think of its entire virtual, GxP-related environment as a process stream. This environment must have an entire
quality system built around it to be able to meet the intricacies of the law and to be able to produce, manipulate, analyze,
transfer, and store high-integrity data.
This article is aimed at individuals working in GxP functional areas, like laboratories, clinical trials, clinical and commercial
manufacturing, quality, supply chain, and the information technology (IT) organizations. An approach to utilize such thinking
for building compliance and quality into the readers' organizations will be outlined. This article will not define how to
develop a 21 CFR Part 11 risk document; rather it will examine the context of Part 11 as an attribute of a larger, frequently
over-looked, and extrinsic, quality system.1,4 We introduce a methodology to outline, assess, and document this virtual process stream and make recommendations on how
to close compliance and quality gaps.
Table 1. Basic Quality Attributes
The ubiquity of desktop computers with easy-to-use spreadsheets and databases, web-enabled technology, and high-speed networks
has allowed many people to rely on these tools for their daily work. This evolution of technology in today's society has been
a panacea, but has also made it easy for those working in regulated industries to implement computers into their work practices
without forethought of the consequences. As a result, workers in FDA-regulated organizations have to keep up with technology
changes while still ensuring that the safety, identity, strength, purity, and quality of the product, and ultimately consumer
safety, are not detrimentally affected. These challenges apply equally to all individuals working in GxP functional business
areas, not just IT specialists.
Many IT departments do not fully understand the requirements of the law, nor do they understand the impact that their work
practices and decisions have upon the larger enterprise. Business people are not likely to be aware of how their day-to-day
practices impact the virtual environment and the data being produced. Both sides may be fooled into thinking that because
they have implemented a validated computer system that they are in compliance with the law. This thinking is erroneous, because
the days of stand-alone or isolated computer systems dedicated to one function are gone.