Background of GxP
Life sciences is a heavily regulated environment and one of the most constraining regulation is the set of regulations and guidelines known as GxP. These global standards include:
- Good Laboratory Practices (GLP)
- Good Clinical Practices (GCP)
- Good Manufacturing Practices (GMP)
- and others
Of course, product-specific requirements are in place and must be implement based on the type of products manufactured and the country in which their products are sold.
How Interfacing can help
1. Regulatory Compliance & Monitoring:
Import new regulations and monitor regulatory changes to maintain your library in sync and to trigger a revision workflow.
- Import new regulations through Excel import or via API
- Import regulatory changes through Excel import or via API
- The EPC will automatically generate a new draft version of your regulations, while maintaining your previous regulations
- Regulations and process owners will be notified of changes, and asked to review changes
- Approval cycle is embedded and lifecycle management allows owners to review in-text all changes that were made.
2. Content Security & Accountability:
- Manage your content independently to ensure data safety during the entire lifecycle
- Adapt your approval workflows to embed full accountability through the lifecycle
- Review all changes, all versions of a content fragment in-text, and with visual highlighting of changes.
- Impact Analysis of all changes
- Digital signature verification on all approvals to ensure that secure identity verification (IAMS, Private & Public Keys, Vault, MHRA)
- Multi-factor authentication (MFA) supported, with for example a code being sent to your phone
3. FDA 21 CFR Part § 11 Compliance:
- Accurate and complete copies of records for inspection throughout the records retention period
- Limit access, approvals, and use to authorized individuals and enforce permitted sequencing
- Secure, computer-generated, time-stamped audit trails to record the date of operator entries and actions
- Record changes do not obscure previously recorded information
- Secure and permanent links of all signatures with approver user and date/time information
- Signatures cannot be excised, copied, or otherwise transferred to falsify an electronic record by ordinary means.
- Ensures the authenticity, integrity, and confidentiality of electronic records
- Ensures that each electronic signature is unique
- Employ at least two distinct components + MFA (optional) for each signature for all
- Enforces workflows that doesn’t allow users to bi-pass two distinct component signature authentication within a single session
- Uniqueness of each combined identification code and password
- Employs transaction safeguards to prevent unauthorized use (MFA, Vault)
- Devices that bear or generate identification code or password information are tested
4. Content Harmonization & Change Management:
- Upon publication of a regulation, notifications are issued to all content owners
- If low-impact, then publish changes after impact analysis
- Otherwise, conduct an impact analysis to evaluate impact of changes
- Determine whether impacts are Major or Minor on all connected content (processes, documents, etc.)
- Can trigger individual fragment review processes to ensure that all changes are evaluated individually
- Unless otherwise indicated, changes to downstream content is stricly controlled until the harmonization is completed, validated and approved.
- Content owners are responsible to ensure that all data is harmonized, can visually see highlighted changes and can see content that was flagged as potentially out-of-date.
Cloud-solution for Compliance
Try It Now For Free!
Document, improve, standardize, and monitor your business processes, risks and performance with Interfacing’s Business Process Management Software (BPM Software) the Enterprise Process Center®!