Unsure about cloud validation? You’re not alone. Many life sciences and other regulated companies are unfamiliar with a cloud-based quality management system (QMS) and wary about its validation. After all, their regulatory compliance is at stake.
Erin Wright, MasterControl validation product manager, demystified the cloud as it applies to regulated companies in a recent presentation at the ASQ World Conference on Quality and Improvement (1).
Wright said cloud technology is ideal for regulated companies compared to traditional on-premise system in terms of cost, efficiency and connectivity with suppliers and stakeholders. However, she said needless fears are keeping many companies from leveraging the cloud.
Cloud-based systems also known as “software as a service” or SaaS, are described by the National Institute of Standards and Technology as “the capability provided to the consumer to use a provider’s applications running on a cloud infrastructure.”
Wright enumerated some of the biggest misconceptions about cloud validation in her presentation at the conference held May 20-22 in Fort Worth, Texas.
#1 Increased validation burden. “The biggest fear is that a cloud-based QMS will require frequent upgrade, and therefore, frequent validation,” said Wright. “In fact, it’s just the opposite. Frequent upgrade means smaller, faster and easier validation.”
# 2 Loss of control. Life sciences companies are used to controlling their systems. They equate on-premise system with full control, while they equate cloud-based system with loss of control. Wright said the cloud, just like an on-premise system, allows users to have access to their data whenever they need it. They control the access to it.
Enjoying this article? You may also enjoy this White Paper:
The Business Case for Moving to the CloudDownload Free White Paper
#3 Commingling of data. Life sciences companies, most of which own proprietary information, are afraid to share a platform with other companies. They fear the commingling of data. While some delivery models risk commingling, Wright gave this advice: “Choose a model that allows data seclusion.”
#4 Security vulnerability. This is another myth because the degree of security vulnerability, whether on-premise or cloud, depends on the technology used to secure data and the strict enforcement of security protocols.
Wright noted that cloud providers usually have dedicated security teams to protect the platform. Also, a frequently updated system will always have the latest security patches.
Wright cited her company’s validation approach, which uses the groundbreaking Validation Excellence Tool (VxT) to accelerate and simplify the validation process. Wright spearheaded the development of VxT, the first-ever automated, risk-based validation application for regulated companies. It was launched in 2017.
With the help of the tool, MasterControl customers have greatly improved their validation experience, according to Wright. On the average, they have reduced 104 hours of labor-intensive validation activities to just 20 hours and also cut at least 336 hours in overall project preparation time.
(1) Erin Wright, MasterControl’s validation product manager, spearheads the efforts pertaining to the development of the company’s Validation Excellence Tool (VxT), which streamlines the risk-assessment process and greatly reduces validation time. She created and implemented the configuration-based testing that drives the VxT and developed the formalized risk-based approach at the heart of MasterControl’s Validation Excellence methodology. She has over a decade of experience in quality, validation and regulatory compliance in SaaS companies.
Cindy Fazzi writes about the life science industry and other regulated environments for MasterControl. She has worked as a journalist in three countries. Her two decades of experience as a news reporter, writer, and editor includes working for the Associated Press in Ohio and New York City. She has a master’s degree in journalism from Ohio State University.