FDA Compliance and Mobile Applications 

Presented by Carolyn Troiano

We will discuss in detail how computer system validation can be applied to mobile applications subject to FDA regulations. This is critical in order to develop the appropriate validation strategy and achieve the thoroughness required to prove that a system does what it purports to do. It also ensures that a system is maintained in a validated state throughout its entire life cycle, from conception through retirement.

As technology changes, we need to adapt our approach to computer system validation for systems regulated by FDA to ensure that we take into account all controls that need to be in place, whether technical or procedural. Mobile devices have the added complexity of being small, portable, and vulnerable to both physical and logical mishaps or calculated attacks.

In Depth Testing of Computer Systems Regulated by FDA

Presented by Carolyn Troiano

We will discuss the importance of applying industry best practices when performing the validation process for a computerized system used in an FDA-regulated environment (i.e., the system "touches" product during the manufacturing, testing or distribution process). Such a system must be validated in accordance with FDA guidelines for computerized systems and documented accordingly. Testing is a very large component of this work and will be looked at in greater detail.

Since 1983, with the issuance of the guidance document from the FDA on validation of computerized systems, this topic has applied to pharmaceutical products and the computer systems used to generate, collect, analyze, process, and report data. Subsequently, the FDA applied the same guidance to computer systems used in the biologics and medical device industries. More recently, the FDA has brought tobacco products under their regulatory jurisdiction and has applied guidelines for validation of computer systems used in the manufacture, testing, or tracking of tobacco-related products. This includes cigarettes, cigars, e-cigarettes, and other forms of smokeless tobacco, such as “pouch” products.

Data Governance for Computer Systems Regulated by FDA

Presented by Carolyn Troiano

Effective and compliant computer system data management is critical to organizations in the pharmaceutical, biologics, vaccines, tobacco, animal health, medical device, or other FDA-regulated industry. During the past 30 years, best practices have been developed to ensure computer systems used in these environments can be cost-effectively managed while meeting all aspects of FDA compliance. To take this a step further, we are now looking at ways to ensure the data that resides on these systems is also managed in a compliant manner and one that will provide the best results for operations at the lowest cost. After attending this course, you will understand data governance as a quality control discipline for assessing, managing, using, improving, monitoring, maintaining, and protecting organizational information. It is a system of decision rights and accountabilities for information-related processes, executed according to agreed-upon models which describe who can take what actions with what information, and when, under what circumstances, and, finally, using what methods.

Upon completion of this session, attendees will have an understanding of how to tie data governance activities and investments to corporate drivers, strategies, and compliance. They will learn about establishing data governance program objectives, decision-making organizational structures, and assigning roles and responsibilities that fit within the organizational culture. It is particularly important to understand the role of data owners vs. data stewards, and the criticality of data identity, trust, security, integrity, accessibility, reliability, and consistency. You will see how best to design data governance processes that encompass people, processes, and technology, and understand the policies and procedures necessary to support the data governance framework. The attendees will have a good grasp of how to leverage the best practices across all systems by creating a standardized program for data governance.

Carolyn Troiano has more than 35 years of experience in computer system validation in the pharmaceutical, medical device, tobacco, and other FDA-regulated industries. She has worked directly, or on a consulting basis, for many of the larger pharmaceutical and tobacco companies in the US and Europe. Carolyn developed validation programs and strategies and participated in the review of 21 CFR Part 11, or the FDA’s electronic record/electronic signature (ER/ES) regulation. Carolyn is currently active in the Association of Information Technology Professionals (AITP), and Project Management Institute (PMI) chapters in the Richmond, VA area.