“Reducing Business Risk While Remaining Compliant with SaaS Solutions” will be the topic discussed by Jim Schweitzer, Director of Commercial Technology Services at Vision Point Systems, at the 2013 DIA Annual Meeting in Boston, Mass. Jim will presenting in a morning session on Tuesday, June 25th. The presentation will be part of a session on “Acheiving Innovative Technology Results” sponsored by the DIA IT Community.

Co-presenting will be James O’Keefe, Director, Clinical & Regulatory Optimization of Paragon Consulting. James will be presenting on “When and How to Leverage Cloud Technology Into Your Clinical Architecture.”

The question of whether Software as a Service and cloud-based systems can be Validated for compliance with FDA Part 11 regulations for Electronic Records is a timely topic. The “cloud” is becoming more widely  accepted as a means for reducing capital expenditures on IT infrastructure, while also providing benefits for survivability, scalability, and flexibility.  However, given the critical nature of the data managed by computer systems supporting GCP, there are limits on the extent of the array of cloud-based offerings that Drug Sponsors and CROs can take advantage of.

Jim’s presentation will cover the differences between public and private cloud infrastructure models, and the appropriateness of each. The presentation will outline risks that can be identified as specific to software as a service, cloud hosting models, and server virtualization, and discuss the mitigation plans that can be put in place. However, risks that can be reduced by implementing a hosted solution will be identified as well.  The presenter will evaluate how to manage risks and make the case for using SaaS with respect to the entire system lifecycle – from requirements specification, to the vendor’s programming and testing, and to qualification. The goal of the presentation is to give the audience insight into the real-world application of Validation best practices in light of modern technology architectures that are becoming pervasive in the modern IT universe.

The presentation is informed by Jim’s experience as a product development manager for OmniRand, a cloud-based Clinical IRT system, and other experience as a Validation consultant for hosted EDC, and REMS risk management systems. The Validation best practices referenced are informed by ISPE’s GAMP 5 process for risk-based computer systems validation.

Author