Conducting a successful business in the Life Sciences field is more than just about making money. The Life Sciences industry is subjected to regulatory strains to ensure the products generated are safe. Global Regulatory guidelines come from a variety of places including the FDA, HIPPA, EMEA, ICH, and Health Canada to name a few. The constant changes in the regulatory environment make it nearly impossible to keep up.
In the past few years one of the most prominent compliancy regulations in the Life Sciences field has been 21 CFR. This regulation became extremely important with the FDA guidance on the Electronic Common Technical Document (eCTD) due to the fact that this legislation deals with requirements surrounding Electronic Records, Controls for Open Systems, and Electronic Signatures. One section in particular, part 11, addresses the controls that pharmaceutical companies must put in place for "closed systems", which are environments in which the persons who are responsible for the content control system access. An example of a closed system would be an information system that is contained within an organization's local area network or intranet. These controls require that "Persons who use closed systems to create, modify, maintain, or transmit electronic records shall employ procedures and controls designed to ensure the authenticity, integrity, and, when appropriate, the confidentiality of electronic records, and to ensure that the signer cannot readily repudiate the signed record as not genuine."
Three specific details of 21 CFR part 11 are:
11.10(a): Validation of systems to ensure accuracy, reliability, consistent intended performance, and the ability to discern invalid or altered records.
11.10(b): The ability to generate accurate and complete copies of records in both human readable and electronic form suitable for inspection, review, and copying by the agency.
11.10(c): Protection of records to enable their accurate and ready retrieval throughout the records retention period.
As you can see, issues including data integrity, accountability, and authenticity are vital to conducting business in the Life Sciences field. Ultimus Adaptive BPM Suite Client and Forms are sensitive to these regulations. Specific features and functions in Ultimus Client and Forms provide assurance to IT and Business Managers that their process is completed with the compliancy of regulation oversight, including:
- Encrypted transmissions between Ultimus Clients and Ultimus BPM Server
All modules in Ultimus Adaptive BPM Suite provide secure and encrypted transmissions to and from Ultimus BPM Server. This means that if the transmissions are intercepted by malicious users, the sensitive business data in the transmissions cannot be viewed as "plain text" data.
- Controlled and secure access to business data
Access to Ultimus task lists and the business data associated with Ultimus tasks are always secure, through an authentication process. Authentication prompts appear in both the Ultimus Client as well as direct access to Ultimus forms through hyperlinks in Ultimus email notifications. Even if the Ultimus email notification was inappropriately accesses by another user on another machine, Ultimus would correct block that user from viewing the form. -
Ultimus Signature Controls
Many times, Ultimus forms are configured to include signature controls, in order to ascertain that specific users, supervisors, or managers have reviewed the form and authorize the data in the form. Ultimus Signature controls are secure through username and password combinations (configured by the Ultimus Administrator)
Complying with the global Life Sciences and FDA standards is vital to ensuring Life Sciences companies can not only correctly and safely produce their products, but also the privacy and security needed to produce their products is in place. Without the necessary data security features and functions, how could a BPM Suite possibly be utilized in such a critical and sensitive operation?
Chris Adams
VP Product Marketing and Management
Ultimus
.png?width=28&height=28&name=youtube%20(1).png){kind=small}