How to be efficient and compliant with 21 CFR Part 11, data integrity, and SaaS/Cloud (Chicago, IL, United States - July 24-25, 2018)

  • ID: 4535703
  • Conference
  • Location: Chicago, IL, United States
  • 2 Days
  • NetZealous LLC
  • Conference Dates: July 24-25, 2018
1 of 4

Course "How to be efficient and compliant with 21 CFR Part 11, data integrity, and SaaS/Cloud" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion.

This interactive two-day course explores proven techniques for reducing costs associated with implementing, using, and maintaining computer systems in regulated environments.

Many companies are outsourcing IT resources and getting involved with Software as a Service (SaaS) and cloud computing. These vendors are not regulated and therefore regulated companies must ensure compliance for both infrastructure qualification and computer system validation. It is the regulated company that wants to avoid FDA form 483s and warning letters. The seminar is intended for regulated companies, software vendors, and SaaS/Cloud providers.

The instructor addresses the latest computer system industry standards for data security, data transfer, audit trails, electronic records and signatures, software validation, and computer system validation.

Today the FDA performs both GxP and Part 11 inspections, the Europeans have released an updated Annex 11 regulation that expands Part 11 requirements and companies must update their systems and processes to maintain compliance.

This seminar will help you understand the specific requirements associated with local and SaaS/cloud hosting solutions.

Nearly every computerized system used in laboratory, clinical, manufacturing settings and in the quality process has to be validated.

Participants learn how to decrease software implementation times and lower costs using a 10-step risk-based approach to computer system validation.

Finally, the instructor reviews recent FDA inspection trends and discusses how to streamline document authoring, revision, review, and approval.

This course benefits anyone that uses computer systems to perform their job functions and is ideal for regulatory, clinical, and IT professionals working in the health care, clinical trial, biopharmaceutical, and medical device sectors. It is essential for software vendors, auditors, and quality staff involved in GxP applications.

Course Objectives:

  • Understand what is expected in 21 CFR Part 11 and Annex 11 inspections
  • Avoid 483 and Warning Letters
  • Learn how to buy COTS software and qualify vendors.
  • Implement a computer system using risk-based validation to gain maximum productivity and reduce cost by as much as two thirds
  • Requirements for local, SaaS, and cloud hosting
  • How to select resources and manage validation projects
  • "Right size" change control methods that allows quick and safe system evolution
  • Minimize the validation documentation to reduce costs without increasing regulatory or business risk
  • Write test cases that trace to elements of risk management
  • Protect intellectual property and keep electronic records safe
Note: Product cover images may vary from those shown
2 of 4

Day 1 Schedule

(8am to 5pm; 0.5 registration, 1.0 lunch, 0.5 (2-15min) breaks, 7.0 class = 9.0)

8:00am to 8:30am registration

8:30am class starts

Lecture 1: Introduction to the FDA (1:30) {1:30}
How the regulations help your company to be successful
Which data and systems are subject to Part 11

Lecture 2: 21 CFR Part 11/Annex 11 - Compliance for Electronic Records and Signatures (4:00) {5:30}
What Part 11 means to you, not just what it says in the regulations
Avoid 483 and Warning Letters
Explore the three primary areas of Part 11 compliance: SOPs, software product features, and validation documentation
How SaaS/cloud computing changes qualification and validation
Ensure data integrity, security, and protect intellectual property
Understand the current computer system industry standards for security, data transfer, and audit trails
Electronic signatures, digital pens, and biometric signatures
SOPs required for the IT infrastructure
Product features to look for when purchasing COTS software
Reduce validation resources by using easy to understand fill-in-the-blank validation documents

Lecture 3: HIPAA Compliance for Electronic Records (0:30) {6:00}
How Part 11 and HIPAA interrelate
What are the additional requirements for patient data

Lecture 4: The Five Keys to COTS Computer System Validation (0:30) {6:30}
The Who, What, Where, When, and Why of CSV

Lecture 5: The Validation Team (0:30) {7:00}
How to select team members
How to facilitate a validation project

Day 2 Schedule

(9am to 3:30pm; 1.0 lunch, 0.5 (2-15min) breaks, 5.00 class = 6.5)

Lecture 6: Ten-Step Process for COTS Risk-Based Computer System Validation (1:00) {1:00}
Learn which documents the FDA expects to audit.
How to use the risk-based validation approach to lower costs.
How to link requirements, specifications, risk management, and testing.
Document a computer system validation project using easy to understand fill-in-the-blank templates.
Based on: "Risk-Based Software Validation - Ten Easy Steps" (Davis Horwood International and PDA - [external URL] 2006).

Lecture 7: How to Write Requirements and Specifications (0:30) {1:30}
Workshop for writing requirements and then expanding them for specifications

Lecture 8: How to Conduct a Hazard Analysis/Risk Assessment-Exercise (0:30) {2:00}
Step-by-step instructions for performing and documenting a risk assessment, and how to use the results to reduce validation documentation.

Lecture 9: Software Testing (1:00) {3:00}
Reduce testing by writing test cases that trace to elements of risk management.
How to write efficient test cases

Lecture 10: System Change Control (0:30) {3:30}
How to manage a validated system with minimal documentation

Lecture 11: Purchasing COTS Software (0:30) {4:00}
How to purchase COTS software and evaluate software vendors.

Lecture 12: Cost Reduction Without Increasing Regulatory or Business Risk (1:00) {5:00}
How to save money
How to increase quality
How to increase compliance with less documentation

Note: Product cover images may vary from those shown
3 of 4


4 of 4
  • David Nettleton Mr David Nettleton,
    FDA Compliance Specialist ,
    Computer System Validation

    Computer System Validation’s principal, David Nettleton is an industry leader, author, and teacher for 21 CFR Part 11, Annex 11, HIPAA, software validation, and computer system validation. He is involved with the development, purchase, installation, operation and maintenance of computerized systems used in FDA compliant applications.

    He has completed more than 230 mission critical laboratory, clinical, and manufacturing software implementation projects. His most popular book is Risk Based Software Validation - Ten easy Steps, which provides fill-in-the-blank templates for completing a COTS software validation project.

Note: Product cover images may vary from those shown
5 of 4


Hilton Garden Inn Chicago OHare Airport
2930 S River Rd
Des Plaines
Chicago, IL
United States


From O'Hare International Airport:
10000 W O'Hare Ave, Chicago, IL 60666.

Head southwest on I-190 W (141 ft.)

Take the exit toward Bessie Coleman Dr-
(0.4 mi.)

Use the right 2 lanes to turn right onto Bessie Coleman Dr-
(0.2 mi.)

Use the right lane to take the Interstate 190 ramp to Interstate 90/Chicago/Interstate 294-
(0.2 mi.)

Merge onto I-190 E-
(1.4 mi.)

Keep right to continue on Exit 1A, follow signs for North River Road and merge onto Des Plaines River Rd/N River Rd-
(Continue to follow N River Rd.)

Destination will be on the left-
(1.6 mi.)

Hilton Garden Inn Chicago OHare Airport-
2930 S River Rd, Des Plaines, IL 60018.

Note: Product cover images may vary from those shown