1.0 What is Computer Validation?
The Food and Drug Administration of the USA defines Validation as
“Establishing documented evidence that provides a high degree of assurance that a specific (computerized) process will consistently produce a product meeting its predetermined specifications and quality characteristics”.
To simply put it: Identifying and documenting that the computer system does what it is supposed to do consistently, repeatedly, and accurately.
2.0 What comprise the Computer System?
A device made up from electronics that can store and run a software-coded program. This includes all microprocessor based controllers, PLC, SCADA Systems, DCS, ERP, LIMS etc.
3.0 Why is Computer System Validation required?
Risk associated with the patient’s life being one of the most critical followed by Risk associated with the product quality. Risk associated to Goodwill and thus Risk associated with the business.
4.0 What are Regulatory Norms?
It is required to validate the Computer System especially by the regulatory bodies of Europe and USA. Even the MCC, TGA, Japanese regulatory bodies have recommended computer system validations. Any exports to the countries in these jurisdictions will want the computer systems validated.
5.0 What are Advantages of Computer Validation?
Helps in keeping track of the performance of the computer system implemented in the organization. It also helps in perfecting the system and making it devoid of any bugs or errors.
6.0 Difference between Equipment Validation and Computer System Validations?
The major difference between the Equipment Validation and Computer System Validation is that the computer system validation begins at the beginning of the system design. It begins and goes through a complete SDLC (System Design Life Cycle). The computer system validation begins with freezing the URS (User Requirement Specifications) and ends with the Performance testing of the system and further plans on decommissioning.
1.0 How to perform Computer System Validations?
New Systems Validation (Module I)
7. On conceptualization of a computer system it is very important to create a URS in a very simple language and is conveyed by the actual user. Each URS should be unique and clearly defined and testable and unambiguous. No conflicting requirements should be asked for. Many a times it may so happen that the end user is qualified enough to describe the functional requirements of the system as well. Based on the URS the technical team creates a functional requirement specifications (FS) detailing the functional aspects of the system. On the basis of URS and FS the detailed Design Specifications (DS) are made. Design Specifications equivalent to Design Qualification. On completion and approval of DS the inquiry is floated to all the listed vendors who can fulfill the requirements and separate Vendor Audits Performed. It is very necessary to conduct this audit with the view of after sales support, support in validation of System, vendors past record, infrastructure, willingness to create a Escrow account and many such factors. Evaluate the vendor for the quality Management System with him. The commercial contract should be signed only after Vendor management and qualification is approved.
A whole lot of documentation should be called for before placements of Commercial order, which are ultimately required for the Validation of Computer systems.
Third party agencies (like Vaiktron) re available to undertake Vendor Qualifications or the Computer System Validations.
Legacy System Validation (Module II)
The approach and methodology is just the same as mentioned above. But a lot of documentation, which is now not available, will have to be created. A retrospective qualification of vendor will be essential. Though it is tough job the requirements are clearly defined.
SOPs required are Computer Systems Validation Master Plan, Design Specification (DQ), Vendor Management, Installation/ Operational Qualification (IQ/OQ), Document Archival & Retrieval, Change Control, Disaster Recovery & Contingency, Operator and Maintenance Training, Access Management to System, Performance Qualification (PQ) etc.