OEM Compliant Software Development

Get in touch to discuss your needs

21 CFR Part 11/GMP Compliant OEM Software Development

Could you sell more software or equipment if you were able to offer your customers 21 CFR Part 11/GxP compliance?

Are you a device manufacturer or software developer with an existing product you wish to launch into the lucrative pharmaceutical industry but are struggling to obtain compliance? Do you have an existing customer that needs a compliant version of your existing product?

TotalLab can help.

We’ve already had our software accepted by the regulatory departments of some of the world’s largest pharmaceutical companies and operating safely for over a decade, so we know exactly what they want in terms of features and usability beyond basic audit trails and other base-level requirements of 21 CFR Part 11/GxP regulations:

 

This means you can be confident that your final product will meet and exceed even the strictest regulatory requirements, ready for active use in industry.

"TotalLab's 21 CFR implementation is probably the best I've ever seen and administered on-site"

David Morton
Associate OT Specialist
Lonza

How Does The Process Work?

Taking your existing product, be it existing software or instrumentation, and making it compliant can be a significant undertaking for a business – often requiring the investment of time, money and even potentially requiring the hiring of new specialist staff.

Here at TotalLab we already have an industry-proven solution – AuditSafe – that can be applied to your existing product, reducing time to market, business risk and the required upfront financial investment. We’ll work with you to support your entry into the market and help you and your sales teams understand the software and opportunities presented when working in regulated industries.

Our software is flexible enough to be wrapped around nearly any existing software or hardware, enabling OEMs a shorter route to market to the lucrative pharmaceutical or manufacturing markets with a significant reduction in investment all whilst requiring no regulatory knowledge required themselves. Those saved resources can then be better allocated internally to exciting new R&D projects.

We’re already trusted with providing compliant solutions for equipment/software developed by the following businesses:

How Does AuditSafe Provide Compliance?

AuditSafe  complies by implementing the following features:

  • Limits system access with user-configurable password strength controls and timed password expiry (21 CFR 11.10(d), 21 CFR 11.200 (a))
  • Ensures data integrity and authenticity of results with configurable control over user privileges assigned to each electronic signature (21 CFR 11, Subpart B)
  • Built-in emergency access protocol to restore access to projects in the case of a user being locked out (21 CFR 11, 11.200 (3))
  • Integrates with Windows active directory logins and passwords to limit system access ((21 CFR 11.10(d))

It also eliminates project overwriting through our check-in/check-out system. This means that analysts can collaborate on a project without risk of overwriting each other’s contributions, leading to a streamlined and easy-to-use collaborative process.

You can learn more about the features AuditSafe provides as a platform on our dedicated AuditSafe product page.

How Do I know my Data is Safe?

Our solution provides an easy-to-read, time-stamped audit trail which contains a complete history of projects created, retrieved and approved.

With our full analysis audit trail/report you can easily reproduce analyses.

The solution also comes equipped with an access log. This automatically tracks critical signature and system access actions such as:

  • Changes to user privileges
  • Login fails
  • Emergency logins
  • The action of changing logins
  • Password changes

All of this information is held to hand, so if called upon you can easily demonstrate your compliance through electronic reports.

Maintaining compliance with the Electronic Code of Federal Regulations

21 CFR part 11.10(d) refers specifically to secure sign-ins and limiting system access to only authorized individuals. This includes controlling who can use the system, sign off a project and view and alter a record.

Our compliant system has the following features to enable users to meet compliance:

  • AuditSafe can detect and record unauthorized attempts to gain access to the system
  • It only allows access to authorized individuals who have a valid username and password
  • Based on a state of actions (operational checks) and user permissions (authority checks) certain actions or sequences can be automatically disabled to maintain the integrity of the system
  • For audit and security purposes, all electronic signatures remain permanently associated with the electronic records, including date, time and reason for approval.
Get in touch to discuss your project