I am interested in reading about Validation Protocols for the pharmaceutical industry and in general. I did a search here, but am absolutely lost.

Can anyone post me a link please?

Hello Suziwann !
I have posted some links I know for medical device industry here:
Are there any new regulations for Medical Devices? (http://elsmar.com/Forums/showthread.php?p=171417#post171417)
Check out them, maybe you get some useful info.
BR
György

Thanks for that György!

I had a look the other day but was unable to open the page.

I had to register, but there are some very useful things on that Exactly what I was looking for!
:thanks:

http://www.clinivation.com/pages/resources/downloads.php There is a whole load of free QMS documents there. :D

Here is a version of our software validation protocol which the big pharmas keep approving during audits. I wonder how it would hold up to FDA scutiny?

6215

Names were changed to protect the innocent.

Psyched1,

The document you posted has some useful information but I'm hopeful that there is a program behind the document. By itself, I think that FDA would have issues. In the end, it will be the quality of the planning and execution records that will demonstrate burden of proof.

Regards,

Kevin

Psyched1- thank you for posting the article.

As with Kevin's comments, I think your document would work well as a standard template for protocols given it's fairly generic nature.

However, there were several things I did not see that I would think would need to be there. Electronic Records/Electronic signature, data integrity, backup, archive, data integrity, data security, etc. would need to be addressed also. I think there are several others, but I thought of a few off the top of my head.

Thank you all for your comments. Software validation is a challenge with limited guidance from the FDA.

We are in the pharmaceutical labeling industry so FDA audits seldom occur however we do have monthly customer audits. Fortunetly most Quality Auditors are either QM's with no time on their hands or entry level Quality Auditors and do not have a software background.

Due to my perfectionistic nature I need a robust system that could withstand an FDA audit.

In the PQ section 1. User Verification Testing Plan and Timeline we document how data intergity across platforms will be tested. This is done by having three complete data sets within the system and verifying consitstancy across platforms.

Section 2. "Accessibility" is where we address back up and archival processes which is also stipulated in our IT Procedure and security testing. This is an area for contention since we are a small (65 employee) company do not have the time or labor to validate ever permitation or string of code at every terminal. Instead we verify accesibility on three user codes then attempt to access the system with bad codes at each terminal. We also do the same with each permission/security level for the software and try to access those higher functions.

Its not perfect and I have lots of questions about finding short cuts to validate security (passwords). I also think I need to inprove this form and include software life cycle.

We do not use electronic authorizations/signatures in our facility and find it easier to require a hard copy of any document with a signature.

Pysched, you are doing some nice work, there. Yes, there is frustration that abounds. Again, just some thoughts to throw out there to you:

Realizing that since there is not stringent specifications, you have some flexibility in what is in your scope and what is not. To your point, if it is a functionality that you are not using, then you don't need to validate it (just make notation to that). If you are not going to submit electronic records, you will need to assure the data is not archived/stored in any way, and disable the electronic signature feature.

What you might could do is validate fairly extensively one station. Assure revision control/ etc. in that all stations have the same program/ information on it. Then, perform random verifications at each station.

Others may have another input on this one, but lean on thicker instead of thinner for validation projects. If you get too lean and an auditor was to walk in, they may raise an eyebrow. Too, hopefully your validation project is not just a dust collector. It will have helpful reference material for your software project to be used when revision time comes up, and when a problem arises.

Eventually, this software program will be replaced. Hopefully, your validation package will be as such that it will provide a great foundation for the new application.

Again, I am not in validation. So take these for what they are worth (which is about :2cents: ):lol:

Valid points Brad (punny). In the the world of manufacturing and value added processes much of what we quality guys do does not pay the bills and becomes little more than dust collectors that are in place only for audits. I agree that thick is better than thin on supporting evidence the more you put infront of an auditor the more likely they are to approve a process.

My current validation project is with two facilities (US and UK) both of whom have no experience in validation and I have had to do my own self study to get this far. That being said the emphasis has been in place to get the software to production over emprical validation processes and formal training in validation of those involved. These individuals do not even possess basic statistical knoweldge so you can see the challenge ahead.

Thank you Psyched1.

Suziwann:
Here is attached the WHO´s guide to GMP practices: Part 2: VALIDATION

We completed our first audit on software validation in which we had a partial pass. We did have to restructure our process into the design path (Concept, Design, Implementation, Validation, Production Release) with all the required deliverables (i.e. Software Life Cycle, FEMA, Design Records) of the software devlopment and use a risk based approach. In the end we passed only because

1. We are a pharmaceutical label manufacturer not governed by the Federal Guidelines for Medical Device Manufacturers

2. We back everything up with a paper document and no electronic signatures were used in our process.

This process took two months and the FDA states we should take the least burdensome approach? If we had followed the General Principles of Software Validation; Final Guidelines for Industy and FDA Staff it would have required three more people and three more months.

psyched1,

As I've found out, folks that don't understand validation activities (or the need for it) also don't understand the investment of resources, time and money to get the job done properly. It is not uncommon for the total costs of validation to be in the tens of thousands of dollars. I was involved in a two year process validation effort that ended up costing $13 million dollars and fully consumed about 12 people (internal, temps and consultants). As a matter of record, most of the validation documentation are just records collecting dust, but they are there should the need arise.

Congrats on your validation effort. Sorting this all out from scratch is a nice accomplishment!

Regards,

Kevin

Thanks Kevin.

For the most part validation is as difficult as it is non-value added. The FDA suggests using the least buredonsome approach in conducting validation. :rolleyes: Now thats funny.

Anyone can help? I need to have copies of facility IQ, OQ protocol templates.

Thanks a lot.

Allan

my e-mail is allanhong@hotmail.com

Anyone can help? I need to have copies of facility IQ, OQ protocol templates.

Thanks a lot.

Allan

my e-mail is allanhong@hotmail.com
I don't have one but you may be able to use the attached guide to develop your own.