Overview

This webinar describes exactly what is required for compliance with Computer Software Assurance guidance, 21 CFR Part 11, and the European equivalent Annex 11 for local, and SaaS/Cloud hosted applications. It explains how to write a Data Privacy Statement for compliance with EU General Data Protection Regulation (GDPR). What the regulations mean is described for all four primary compliance areas: SOPs, software features, infrastructure qualification, and validation. It gets you on the right track for using electronic records and signatures to greatly increase productivity and ensure compliance.

Webinar Takeaways

  • Which data and systems are subject to Part 11 and Annex 11
  • How to write a Data Privacy Statement
  • What the regulations mean, not just what they say
  • Avoid 483 and Warning Letters
  • Requirements for local, SaaS, and cloud hosting
  • Understand the current industry standard software features for security, data transfer, audit trails, and electronic signatures
  • How to use electronic signatures, ensure data integrity, and protect intellectual property
  • SOPs required for the IT infrastructure
  • Product features to look for when purchasing COTS software
  • Reduce validation resources by using easy to understand fill-in-the-blank validation documents

Agenda

What 21 CFR Part 11 means today

  • Purpose of Part 11

What does Part 11 mean?

  • SOPs
  • System features
  • Infrastructure qualification
  • Validation

Security standards

  • Roles
  • Usernames and passwords
  • Restrictions and logs

Data transfer standards

  • Deleting data
  • Encryption

Audit trail standards

  • Types of data
  • High risk systems

Electronic approval standards

  • Electronic signatures
  • Single sign-on
  • Replacing paper with electronic forms

Infrastructure qualification

  • How to efficiently document qualifications

Validation

  • Software validation for vendors
  • Computer system validation for users
  • Fill-in-the-blank templates
  • Change control re-validation

SaaS/Cloud hosting

  • Responsibilities for software vendor and hosting provider
  • Evaluation criteria
  • Hosting requirements

SOPs

  • IT, QA, validation
  • Software development

Annex 11

  • Comparison with Part 11
  • Data Privacy Statement
  • End

Who Will Benefit

  • GMP, GCP, GLP, regulatory professionals
  • QA/QC
  • IT
  • Auditors
  • Managers and directors
  • Software vendors, hosting providers

This course is closed for enrollment.

Faculty David Nettleton Owner, Computer System Validation and FDA Compliance consultant David Nettleton

Faculty David Nettleton

FDA Compliance Specialist

Computer System Validation

Roseville, California Area

Computer System Validation’s principal, David Nettleton is an industry leader, author, and teacher for 21 CFR Part 11, Annex 11, HIPAA, EU General Data Protection Regulation (GDPR), software validation, and computer system validation. He is involved with the development, purchase, installation, operation and maintenance of computerized systems used in FDA compliant applications. He has completed more than 300 mission critical laboratory, clinical, and manufacturing software implementation projects. His most recent book is Software as a Service (SaaS) Risk-Based Validation With Time-Saving Templates, which provides fill-in-the-blank templates for completing a COTS software validation project.