The implementation of good quality electronic systems is challenging. In most organizations, business processes are entrenched, personnel are overworked, and financial resources are limited. Sometimes these organizations do not understand that aspects of their electronic environment are out of compliance or even worse, may even not realize the need for compliance.
Today's networked, and web-enabled, biopharmaceutical environments demand data of the highest quality. Do not regard Good Laboratory Practice (GLP), Good Clinical Practice (GCP), and Good Manufacturing Practice (GMP), collectively known as GxP-related computer systems, as a collection of discrete technologies solely supported by individual validation packages and a few SOPs. A company must think of its entire virtual, GxP-related environment as a process stream. This environment must have an entire quality system built around it to be able to meet the intricacies of the law and to be able to produce, manipulate, analyze, transfer, and store high-integrity data.
This article is aimed at individuals working in GxP functional areas, like laboratories, clinical trials, clinical and commercial manufacturing, quality, supply chain, and the information technology (IT) organizations. An approach to utilize such thinking for building compliance and quality into the readers' organizations will be outlined. This article will not define how to develop a 21 CFR Part 11 risk document; rather it will examine the context of Part 11 as an attribute of a larger, frequently over-looked, and extrinsic, quality system.1,4 We introduce a methodology to outline, assess, and document this virtual process stream and make recommendations on how to close compliance and quality gaps.
The ubiquity of desktop computers with easy-to-use spreadsheets and databases, web-enabled technology, and high-speed networks has allowed many people to rely on these tools for their daily work. This evolution of technology in today's society has been a panacea, but has also made it easy for those working in regulated industries to implement computers into their work practices without forethought of the consequences. As a result, workers in FDA-regulated organizations have to keep up with technology changes while still ensuring that the safety, identity, strength, purity, and quality of the product, and ultimately consumer safety, are not detrimentally affected. These challenges apply equally to all individuals working in GxP functional business areas, not just IT specialists.
Table 1. Basic Quality Attributes
Many IT departments do not fully understand the requirements of the law, nor do they understand the impact that their work practices and decisions have upon the larger enterprise. Business people are not likely to be aware of how their day-to-day practices impact the virtual environment and the data being produced. Both sides may be fooled into thinking that because they have implemented a validated computer system that they are in compliance with the law. This thinking is erroneous, because the days of stand-alone or isolated computer systems dedicated to one function are gone.