One of the first questions we receive when speaking with clients is whether the system is validated or not. Understandably so, because validation is one of the most important aspects of a computer system for the pharmaceutical market. Software that is not validated has no place in a pharmaceutical company.
Validating computer software is an important but labor-intensive task. We at PCS have more than 31 years of experience in GMP and GDP. Even for us, validation was a challenging task.
The first thing to do when validating a software system is deciding the approach. There are many guidelines that stipulate how to validate. There are a few guidelines for validating software. These guidelines, as their name indicate, offer mere guidelines on what to do. But do not go into detail on how you should perform validation activities. Due to the risk aversive nature in the pharmaceutical market, many companies perform a validation that is way to extensive. Making it hard to understand and explain. As we are a software supplier. We wanted our validation to be as solid as possible, but also easy to explain and understand. Even for non-native English speakers. We also decided to focus on the most important aspect of computerized systems: data integrity.
Once our approach was settled. We needed to divide tasks. Our validation teams consisted of: A validation coordinator to set up protocols and tests, validators to perform the tests, a CEO to keep oversight of the entire operation and an external validation expert. Although we have more than 30 years of experience in the pharmaceutical market, we wanted an independent set of eyes to guide us through the validation.
Once the approach and team were settled. It was time to start the validation. The first document we needed was a VMP. This stipulated the validation approach, the team members and the expected outcome.
With the VMP completed, we were able to start the validation. The first documents we needed were the URS, and specifications. The URS describes the requirements of the users for the system and how the system will be used. This is an extensive process in which the entire system is explained. The specifications describe the design and functional specifications. These are are focused on the look and feel of the software, while operational specifications discuss the technical elements of the software.
The three stages
Normally, the next step is procuring or building the software. As we already have a software system, we could skip this step and go straight to testing. Testing consist of checking if the system works according to the User, functional and design specifications. Testing consist of three stages. Installation, Operational, and performance qualification.
Testing is the most labor intensive part of the validation. As the validation team has to test every part of the system as described in the specifications. Some aspects even need to be tested multiple times. In our case, most of the testing consisted of going through every workflow and every possible route of the workflow to test if all steps are there, in the right order and attached to the right person. In the end, we had tested more than 100 times.
The last step
The validation coordinator also needed to check all forms to see if any deviations occurred, if all testing was performed according to the VMP and if all forms were filled out correctly.
Once everything was checked and small deviations were solved,it was time to start the last step: reporting. The validation report summarized our approach, validation activities and validation findings. The validation report is used to prove that all necessary steps are performed and that the system works as intended according to the specifications. If all steps are completed and the system is deemed validated, it is ready to be implemented in the pharmaceutical market.