How does CAPA and Nonconforming Materials intersect with IT and software?

P

Plowmaster

I'm the senior quality manager at a late stage start-up. (Human DNA sequencing)This company has a huge software and production IT component. (The customer receives only DATA from us, a genome map of the DNA sample they sent in.) The software department has it's own 'bug tracking' system and version release control and IT production operates fairly independently, continuously fixing, installing, upgrading, fiddling with the network, data pipeline and hardware. I'm wondering how other companies have dealt with how these departments intersect with the 'usual' CAPA and Nonconforming materials procedures. It would be nice to have everything in one system but software seems to be in a unique world for fixing the bugs that pop up daily. IT is always changing out a crashed hard drive or sending back some equipment to a supplier that didn't work. It's a fairly complex environment: Software to run all the systems, erp, LIMS, data analysis and the Sequencers, IT support of all the processes and then all the Biochemistry involved with Human DNA sequencing. If a customer has a compliant about the data received, that is an easy call, enter into the CAPA system, but the daily bug report because an imager had a registration error that gets noted and fixed within a couple hours? Or for nonconforming materials, its easy when reagents has a buffer that doesn't meet spec but when IT gets a bad drive from Dell or has trouble with two pieces of hardware that are fine but are not compatible when married together? The current solution (as we are learning ourselves what the best practice for us is) is to keep things separate and only narrow SW issues that affect multiple departments or halt production go to CAPA (and complaints if any occur) otherwise just let the SW do their bug tracker (which is a focused software CAPA really) and IT just does their own thing.

We are only one of a dozen or so companies in this market and it's very unique, but I can't imagine it is unique in a heavy marriage of Software, Hardware and Biochemistry.

I hope this post makes a little sense, it's hard to describe, but the main focus is how to (if possible) have everyone in one system and where to draw the line for SW and IT to interact with Material Nonconformances and CAPA.

Thank you,

Kendal Dinsmore
 
B

Bigfoot

:bigwave: Hello Plowmaster & Welcome to the Cove. You pose and interesting question, which I am sure will generate alot of responses / opinions. Not having to deal with the biochemistry variable of your situation I don't feel that I am qualified to give you any advice on the problem. To deal with the intermarriage of our IT / ERP within the QMS to handle N/C material we have allowed the IT dept. to construct their own processes to deal with hiccups, software bugs, etc., but monitor them through our Internal Audits, weekly reviews, and daily N/C meeting to disposition the products. That is my :2cents: worth. It works for us.
 

Pancho

wikineer
Super Moderator
I'm the senior quality manager at a late stage start-up. (Human DNA sequencing)This company has a huge software and production IT component. (The customer receives only DATA from us, a genome map of the DNA sample they sent in.) The software department has it's own 'bug tracking' system and version release control and IT production operates fairly independently, continuously fixing, installing, upgrading, fiddling with the network, data pipeline and hardware. I'm wondering how other companies have dealt with how these departments intersect with the 'usual' CAPA and Nonconforming materials procedures. It would be nice to have everything in one system but software seems to be in a unique world for fixing the bugs that pop up daily. IT is always changing out a crashed hard drive or sending back some equipment to a supplier that didn't work. It's a fairly complex environment: Software to run all the systems, erp, LIMS, data analysis and the Sequencers, IT support of all the processes and then all the Biochemistry involved with Human DNA sequencing. If a customer has a compliant about the data received, that is an easy call, enter into the CAPA system, but the daily bug report because an imager had a registration error that gets noted and fixed within a couple hours? Or for nonconforming materials, its easy when reagents has a buffer that doesn't meet spec but when IT gets a bad drive from Dell or has trouble with two pieces of hardware that are fine but are not compatible when married together? The current solution (as we are learning ourselves what the best practice for us is) is to keep things separate and only narrow SW issues that affect multiple departments or halt production go to CAPA (and complaints if any occur) otherwise just let the SW do their bug tracker (which is a focused software CAPA really) and IT just does their own thing.

We are only one of a dozen or so companies in this market and it's very unique, but I can't imagine it is unique in a heavy marriage of Software, Hardware and Biochemistry.

I hope this post makes a little sense, it's hard to describe, but the main focus is how to (if possible) have everyone in one system and where to draw the line for SW and IT to interact with Material Nonconformances and CAPA.

Thank you,

Kendal Dinsmore

Hi, Kendal,

We face the same issue in a completely different field (engineered building products).

A bug tracking system is quite similar to a CAPA database -- in fact, we use Bugzilla itself, a favorite of software guys, for our CAPA db. But, as you, we place software Non-Conformances as "bugs" into a dedicated instance of Bugzilla for the software team. Regular RCAs (Requests for Corrective Action), go into our separate CAPA instance of Bugzilla.

There are subtle but important differences in the criteria for what NCs get logged in each system; namely, in software all NCs do get logged, while in regular CAPA only those that require corrective action do (others are handled through our procedure for NC product). So it has not been desirable for us to lump all into a single db, either.

I think you should do whatever works for you, and then make sure to document it.

Good luck!
Pancho
 
Q

QCAce

I was in Quality for several years but have recently moved to a systems developer position in our IT department (about 1 1/2 years ago).

You are correct in that the IT department will have their own nonconformance (bug) system and in most cases it also serves as their immediate corrective action system. The best approach, IMO, is to just document that at a higher level in your quality system documentation. For example, "computer software nonconformances are handled in the IT department using system xyz...etc."

Beyond that, not much should change, (from a quality system analysis approach). Hopefully whatever bug tracking system they are using can also provide good metrics that can show continual process improvement. And corrective actions would typically involve other programming improvements that would help eliminate those bugs from occuring again in the future.

I would not get hung up on whether or not everyone is using the same nonconformance tracking system, (or corrective action or document control for that matter). Just indicate what systems are being used and remember they can still be internally audited and they can still be a part of your overall quality system.
 
Top Bottom