In a GXP (Good Practice) environment
It is important to have robust change management disciplines in place to ensure that any changes to
systems, processes, or procedures do not adversely impact product quality, safety, or efficacy. Change management should be a systematic process that includes the following steps:
Identify the change: Define the scope and objectives of the proposed change.
Assess the impact: Determine the potential impact of the change on product quality, safety, or efficacy.
Plan the change: Develop a plan for implementing the change, including testing and validation activities.
Implement the change: Execute the plan and document all activities. Review the change: Verify that the change has been implemented correctly and assess the effectiveness of the change.
Identify the change: Define the scope and objectives of the proposed change.
Assess the impact: Determine the potential impact of the change on product quality, safety, or efficacy.
Plan the change: Develop a plan for implementing the change, including testing and validation activities.
Implement the change: Execute the plan and document all activities. Review the change: Verify that the change has been implemented correctly and assess the effectiveness of the change.
Part 11 of the Code of Federal Regulations (CFR) establishes requirements for electronic records and electronic signatures in the
pharmaceutical industry. Part 11 compliance is necessary for any system that generates or maintains electronic records that are required to be maintained under GxP regulations. Part 11 compliance requires that electronic records be:
Secure: Access to electronic records must be controlled and protected from unauthorized access, and the system must have audit trails to track all user activity.
Accurate: Electronic records must be complete, consistent, and accurate, and any changes to electronic records must be documented.
Traceable: The system must be able to trace electronic records back to their source and demonstrate that they have not been altered. Reliable: The system must be validated to ensure that it performs as intended and meets its specifications.
In addition to complying with Part 11, it is important to have procedures in place for electronic signature use. Electronic signatures should be unique to the individual, and the system must have controls to ensure that the signature cannot be repudiated. All electronic signatures must be linked to an electronic record and have an associated audit trail. The system should also have procedures for managing the revocation of electronic signatures in case an employee leaves the company or changes job responsibilities.
Secure: Access to electronic records must be controlled and protected from unauthorized access, and the system must have audit trails to track all user activity.
Accurate: Electronic records must be complete, consistent, and accurate, and any changes to electronic records must be documented.
Traceable: The system must be able to trace electronic records back to their source and demonstrate that they have not been altered. Reliable: The system must be validated to ensure that it performs as intended and meets its specifications.
In addition to complying with Part 11, it is important to have procedures in place for electronic signature use. Electronic signatures should be unique to the individual, and the system must have controls to ensure that the signature cannot be repudiated. All electronic signatures must be linked to an electronic record and have an associated audit trail. The system should also have procedures for managing the revocation of electronic signatures in case an employee leaves the company or changes job responsibilities.