As the Life Sciences industry comes to depend increasingly on excellent technology and data for speed, efficiency and competitive advantage, it’s more important than ever that companies harness validation as soon as possible in the project lifecycle. Jens Marburg from MAIN5 explains.
Bankrx Shutterstock
In regulated industries such as Life Sciences, systems relevant to GxP (‘good practices’) must be formally validated as being able to fulfil their intended purpose. This necessitates computer system validation (CSV) or assurance (CSA). Yet, too often, these approaches are seen mainly as a compliance exercise; a project cost centre.
The emphasis on burden and cost downplays the wider value of system validation in a digital process transformation initiative (if invoked early enough). In Life Sciences today, most organisations’ strategic ambitions include more dynamic and seamless data sharing, and repurposing of that data across functional boundaries (enabled by IDMP standards, for instance). They also include increasingly advanced use of AI. As these aims increase in scope and complexity, ensuring that everything works as it should will be an important determinant of a project’s long term success.
The validation process is correlated with other departments besides IT and Quality. This forces people to think ahead and to define what they want, ensuring that everyone is working within agreed parameters, to achieve success and mutually beneficial outcomes.
The alternative is projects not delivering and having to be reworked, at great expense and delay. Ultimately, it could mean patients failing to gain prompt access to safe, high-quality medicines or medical devices.
Avoiding a race to the bottom
Imagining that cutting back on validation, or system assurance, could expedite or reduce the cost of project delivery represents a dubious race to the bottom. Yet this regularly becomes a topic in project budget discussions.
If ambitious new systems go wrong (which can be the case in up to 85% of projects that have not followed validation standards), or if they take in or put out bad data (uncovered during a Health Authority inspection), the reputational risk could be painful and lasting. And it will almost certainly mean time-consuming re-engineering to put problems right - which always costs more after the fact.
Making validation pay
Below are some pointers to maximising the positive impact of system validation.
1. Consider validation requirements first, not last
First, there needs to be a recognition that validation is not a standalone undertaking that takes place after the main project. Optimising the beneficial impact of CSV or CSA starts with early action, ideally when organisations start thinking about a project or the introduction/change of a system. Certainly, it should be an integral part of a technology or data project, not an afterthought.
By determining, from the outset, the factors that will allow later validation, teams are more likely to stay focused on important developments, ensuring that they are delivered on time and with high quality. Validation should be fully factored into, and budgeted for, as part of the project. Nothing else should happen until validation requirements have been set down and agreed.
2. Capture all needs up front
Validation should be directed by someone with a high-level overview and holistic interest in the new project’s success – with the aim to proactively anticipate likely issues, with input from subject matter experts across all affected departments.
Too often, though, issues don’t arise until after an inspection - at which point costly retrospective action will be needed. EMA and FDA findings are made public too, so there could be reputational damage if systems are found not to comply with regulatory expectations. Quality management systems (QMSs) have been the focus of recent waves of inspections, increasing the urgency around ensuring a continuous validated state.
3. Set the right intentions, whatever approach you choose
The CSV vs CSA debate is a distraction. While Good Automated Manufacturing Practice 5 (GAMP 5) is geared to defining computer system validation guidelines systems governed by regulations, the US FDA’s CSA guidance focuses on containing risk rather than compliance with rigid rules, placing more emphasis on assurance that systems can be safely depended on for their intended use. This is considered by some to be a less burdensome approach.
As liberating as the CSA approach might seem, the ideas it sets out are nothing new. The debate is really around minimising over-engineering and the potential for inefficiency in favour of defendable compliance, which feels more ‘agile’ in today’s dynamic environment. Certainly, validation approaches need to move with the times.
It can be more helpful to think of any guidelines as ‘recommended best practice’, focus on the essence of the provisions, and be pragmatic and flexible where necessary. Early collaboration between validation and IT teams can help with this, to pre-empt any issues and determine the associated level of risk and appropriate provisions.
4. Focus on the overall outlay, based on the total cost of system ownership
If immediate project costings (and timelines) have served as a barrier to a more strategic, proactive approach to system validation, this may be because the immediate cost of project delivery has been the focus, rather than the total cost of system ownership. The latter focuses on a successful operational system that does what it promised - once live, and over time.
The GAMP community estimates that if companies approach validation pre-emptively and with the right intent it should account for 10% of the overall project budget. If it neglected, under-resourced or left too late, on the other hand, it is likely to cost considerably more. That’s even before the impact on any indirect co-dependencies, or the cost of missed benefits. Ultimately, companies that commit themselves to doing validation well will be taking better care of patients, through more efficient delivery of better drugs or medical devices.
5. Make validation as much a priority as choosing the right vendor
Finally, selecting the right supplier, as well as defining the validation criteria up front, will further boost the likely success of a project’s delivery - by moving everything up a level, and ensuring that nothing has been overlooked in the specification of the new system.
For many companies, mandatory compliance with regulatory requirements like IDMP is driving technology investment. Yet the associated process transformations will only be delivered if new systems and data processes have been optimised and validated - to take full advantage of the intended standardisation.
Even AI tools need agreed parameters to work within, e.g. in their use of data, so that they can be harnessed reliably and optimally. The bigger and more globally dispersed the organisation, the greater the need for agreed structure around how systems work and how data is defined, to prevent undesirable variances according to who is using the technology.