CDS Compliance and Data Security
Make compliance a competitive advantage
With the ever-evolving emphasis on data integrity, data security and compliance, it’s of vital importance that your CDS provides comprehensive preventative and detection technical controls to enable you to meet modern regulatory requirements including United States Federal Drug Administration (US FDA) 21 CFR Part 11 and European Commission (EU) Annex 11.
Learn how Chromeleon CDS gives you audit safety and delivers compliance, connectivity, productivity and confidence to your laboratory.
Data integrity: “The extent to which all data for its entire lifecycle is complete, consistent, and accurate.”
Electronic data is deemed more secure, reduces human oversight, is more difficult to manipulate or change, and any such changes easier to detect. This perception of electronic data is based on an assumption that the software has the technical controls to support compliance with 21 CFR Part 11 and that those technical controls are appropriately implemented and managed. Of course there are components of Part 11 that are not meant to be satisfied by technical controls within a computerized system. Therefore, it should always be understood that data integrity controls for electronic records are not limited to just technical controls but also require procedural controls.
The World Health Organization and Food and Drug Administration add to it using the principles of ALCOA and ALCOA+
- Attributable: Who acquired the data or performed the action
- Legible: Can you read and understand the data entries?
- Contemporaneous: Documented at the time of the activity
- Original: First recording of data or a true copy
- Accurate: Reflects what took place
- Complete: The records show the complete picture
- Consistent: Free of contradictions – inherently coherent
- Enduring: Unchanged throughout the retention period
- Available: Accessible to be viewed over the record lifetime
The regulatory guidance documents also outline the ‘red lines’ for inspectors, which in terms of a CDS relate to audit trails (traceability), user access and rights controls (security), review and retention of data (record management), and administrative controls.
Compliance and data security features
Audit Trails are an important regulatory requirement and are a proven effective means of detecting data integrity issues. It is incumbent on regulated companies to evaluate the audit trail controls and establish a documented process for review of audit trails.
21 CFR Part 11 established requirements to ensure that electronic records are trustworthy, reliable and equivalent to paper records and handwritten signatures. A CDS that provides all of the necessary functionality built-in to one package reduces the effort required to achieve compliance.
“Chromeleon CDS has really improved our data integrity and ticks all of the boxes for compliance with 21 CFR Part 11 and the MHRA GMP data integrity definitions and guidance for industry”
With Chromeleon CDS you can satisfy regulatory requirements without sacrificing efficiency using the integrated security system, audit trails, and version management tools.
Compliance and data security topics
Data governance is an integral part of a regulated company’s quality system, of which, data integrity is fundamental. With the increased focus on data integrity by international regulatory agencies, tracking who did what, when and why is critical to ensure traceability of data.
Chromeleon CDS is a vital partner in ensuring traceability and data integrity. It provides an automatically-created comprehensive set of secure, computer-generated, time-stamped audit trails which track and record any changes or actions in the software.
Chromeleon software utilizes a relational database to record all versions of data objects and provide sequence-centric storing of audit trails, facilitating audit trail review and retrieval. In addition, a tiered approach to the audit trail allows greater granularity and provides the capability to version data objects. A simple version comparison tool provides easy side-by-side comparison, and even restoring of previous versions of data objects.
Discover the key features of a combined CDS, LIMS and SDMS that help you ensure data integrity for your laboratory in this on demand webinar.
For more information
Chromeleon software’s security system provides the user management capabilities required to meet the requirements of the latest guidance and 21 CFR Part 11. The advanced security system supports an unlimited number of security levels and is designed to fit any chromatography workflow. It is capable of linking to LDAP, tying into the operating system security so that users require only one login, while benefitting from all security levels.
For more information
Data and document retention arrangements should ensure the protection of records from deliberate or inadvertent alteration or loss. Audit trails must also be retained and protected for as long as the original record.
In Chromeleon CDS, beyond the protections afforded by the Operating System, data is managed using centralized relational databases and a comprehensive, chromatography-oriented security system controlling access to data and records.
Furthermore, the Electronic Records and Signatures Rule, known as 21 CFR Part 11, established requirements to ensure that electronic records and electronic signatures are trustworthy, reliable and equivalent substitutes for paper records and traditional handwritten signatures. It requires companies to have validation documentation and implement controls such as audit trails and electronic signatures.
Chromeleon CDS fully supports Part 11 and allows records to be electronically signed with two levels of protection:
- Electronic Reports – providing a controlled pre-submission preview of final results for structured review
- Electronic Signatures – the Electronic Report and entire sequence are locked and protected from further changes
Electronic Reports provides a pre-submission preview of your final results that can be signed at any time. By applying Electronic Signatures, these Electronic Reports and the entire sequence are locked and protected from further changes ensuring regulatory compliance.
For more information
Compliance and data security related products
Chromeleon XTR software: More than a Chromatography Data System
Thermo Scientific™ Chromeleon™ XTR Laboratory Management System adds key features to expand Chromeleon software capabilities beyond a traditional CDS. It manages the entire laboratory with secure, compliant control of all analytical data regardless of instrument vendor or type. It ensures adherence to processes, maintains data security and facilitates complete regulatory compliance.
All data, all instruments and all users in one compliant system.
Want to learn more about how Chromeleon software can help you drive your entire laboratory process, ensure data integrity and compliance and increase productivity? Contact us to now unlock the value of your data.