Environmental applications of 21CFR Part 11 for pilot operations
Variables and considerations affecting the decision to operate in a “paperless” environment
By Clive Smith, TAC, and Kevin Healy, LUWA USA, Inc.
By now we have all heard of, and most likely been affected by, the regulations of 21CFR Part 11. Now we’re at the point in the regulations evolution where we can draw on some practical experience and apply this to improve our facilities even further. More specifically, this article will explore how to successfully evaluate the application of this regulation in pilot and scale-up facility operations.
In order to properly implement this regulation, the operating life cycle of the pilot plant needs to be determined. For instance, if the pilot plant operation is going to be utilized for Phase 3 clinical trials and ultimately as a means to meet initial market demand, then electronic compliance not only makes sense in most instances but is a must. Alternatively, if the pilot facility is intended only for initial formulation and early clinical trials, then more traditional control and reporting methods may suffice. There are a number of variables and considerations that affect the decision to operate in a “paperless” environment. This article will give you the perspective to properly evaluate your needs in order to meet 21CFR Part 11 compliance requirements, most specifically as they apply to management of the environment, which includes security and access controls.
Background of the regulation
In August 1997, the Food and Drug Administration (FDA) placed into effect regulation 21CFR Part 11, a regulation that dictates the manner by which electronic records and signatures are to be captured, secured, retained, and retrieved. The intent of this regulation was to help companies leverage the rapidly expanding role of paperless technologies within their facilities while maintaining and improving compliance with the rigorous quality and safety standards (Predicate Rules) required for pharmaceutical and biotechnology products, as well as medical devices.
After an initially slow uptake and an interim focus on Y2K compliance activities, the industry response to this regulation has grown a great deal stronger over the past several years, and many companies are now comfortably applying this regulation to the satisfaction of the FDA. This is due, in part, to the fact that the FDA has recently narrowed the scope and applicability of the rule and has begun rewriting the regulation for better application suitability. As with any new regulation, enforcement cannot be executed in a vacuum. The FDA and leading industry professionals have developed the standard to be more of a facilitator rather than a hindrance.
Consequences of improperly evaluating and implementing compliance requirements
What’s the worst that could happen if you haven’t properly evaluated and implemented your compliance needs? After inadequate responses and/or corrective actions to officially documented inspectional findings (or 483s):
- CEO gets an official warning letter from the FDA, generally expecting a full compliance plan within 15 days
- quality manager could face imprisonment
- implementation manager is out of a job
- company image and share price plummet
- company’s manufacturing license could be revoked
- substantial fines (hundreds of millions of dollars) could be levied
Other, more compelling, positive reasons for pursuing compliance in an aggressive fashion are the pure business benefits that can be derived by moving to a fully paperless environment. From the ability to accelerate the New Drug Application/Approval (NDA) process to the added security of knowing precisely who was at the controls during any stage of production, employing the audit trail and electronic record and signature capabilities mandated by the regulation delivers a powerful competitive advantage. Companies that can reduce or eliminate the paper used in their production and approval processes can reduce costs, accelerate time-to-market and ensure a higher degree of quality and consistency in their end products. Those that adhere to the old paper methods can expect to be left behind.
Achieving compliance, however, is no small task. Although much of Part 11 functionality is software based, it is certainly not the case that compliance is something that can simply be installed. True compliance embraces more than just environmental and production control systems, methodologies, and operating procedures; it extends into virtually every area of the plant and across the regulated industry supply chains. Personnel need to be trained on how to work within the new paperless environment and must be made fully aware of the fact that any actions or signature manifestations recorded electronically carry the same legal weight as their paper-based predecessors. The systems themselves need to be commissioned, installed, and validated properly to ensure that they’re operating in a manner consistent with the letter and law of the regulations. Once the system is up and running, assurances must be put into place to satisfy the requirement that any given record can be called up at any given time, in a readily “human”-readable format. Compliance with Part 11 is indeed a companywide and industrywide undertaking.
The wider product life cycle
In the rush to bring critical systems into compliance while also pursuing ever-pressing business objectives, it’s easy for a company to become inwardly focused and forget why it is making these changes in the first place: to deliver superior product to the consumer in a more efficient manner and with a greater degree of safety and accountability. To this end, there are substantial opportunities for companies that focus their attentions not only on the product storage, handling, and production systems, but also on the environments in which those systems reside.
While strict control and record keeping of the manufacturing phase of a product’s life cycle are clearly of critical importance, it is also imperative that the upstream and downstream phases are suitably considered for their potential impact on product safety, quality, and efficacy. Raw materials and intermediates storage and handling conditions, as well as finished product warehousing and distribution standards, can potentially affect products just as much as the processing/production phase conditions due to the longer duration of these phases and the higher degree of personnel access typical for these other areas of a facility.
Part 11 and “total environment management”
In any production, storage or laboratory environment, there are two basic classes of unplanned and/or undesirable occurrences able to affect the quality and safety of the end product: direct and indirect impact events. Direct impact events, for example, include:
- the addition of an improper amount of an active ingredient
- the addition of the wrong ingredient altogether
- an erroneous setpoint change made to a reaction vessel temperature
Part 11 has been expressly designed to capture these types of direct impact events and reduce the detrimental effect they have on consumers. Electronic audit trails help establish traceability and accountability, aiding the review process objective to “raise flags” should any potentially hazardous actions have been taken or necessary actions omitted during the period under review.
Indirect impact events, however, can be equally harmful to the quality and integrity of the end product, but are not as easily recognized-certainly not from within the electronic records generated by a typical production-centric control system. Examples of indirect impact events include:
- unexpected changes in ambient temperature or relative humidity that could affect the performance of active pharmaceutical ingredients (APIs) waiting in storage locations, perhaps due to a glass breakage or a door mistakenly left ajar
- variances in ultraviolet light levels in a finished-goods warehouse, possibly due to insufficient or degraded screening
A very serious indirect impact event, and one of which we must all be acutely aware, is the theft of an individual’s username and password to gain access to a closed system.
So how does one protect the product, the company and customers from the potentially devastating effects of both direct and indirect impact events? The answer lies within a robust and easy-to-use total environment management solution, or, as it’s more commonly known, an integrated facilities Building Management System (see Fig. 2).
Whichever system you choose to achieve compliance, there are some functionality features you should evaluate as part of your selection process:
Figure 2. A total environment management solution can help protect the product, the company, and customers from the potentially devastating effects of direct and indirect impact events.
Security-physical and logical: Despite the standard two-token username and password combination typically employed within a Part 11-compliant production environment, your manufacturing processes and up/downstream storage resources are only as secure as your overall facility. Proximity cards, smart cards, biometrics, and video surveillance technologies can easily be combined to confirm the identity of an entrant into a secure area. The need to fulfill physical security requirements is of critical importance in high-stakes applications and is actually spelled out by the FDA in 21CFR Part 11.10. Combined with a sophisticated software security model, these measures can guarantee the authenticity and authority level of personnel with access to restricted areas and workstations. Additionally, you can easily trigger alarms if an individual swipes their card in an attempt to enter an area for which they are not authorized or if an authorized employee is being forced to attempt entry under duress. The comings and goings of all personnel can be recorded and reproduced via electronic records, delivering yet another layer of accountability. Furthermore, you can instantly restrict specific users from individual areas or entire zones (all but the exit doors, for example) with a mouse click. This is an important function, as 21CFR Part 11.10 not only covers the protection of facility areas directly related to physical products, but also extends to the protection of the environment of the electronic records (i.e., secure server rooms and archive vaults).
Environmental controls: Again, the nature and quality of the air in a regulated facility can dramatically affect the quality of the end product. While simple HVAC-only control systems can monitor and adjust temperatures and some other critical parameters, a total environment management solution can also monitor, control, and alarm upon a wide variety of other potentially critical variables such as particulate counts, differential pressure and humidity levels, lighting conditions, and laboratory fume hood positions. The level of any one (or all) of these factors, in addition to any corrective actions taken to regulate these levels, can all be recorded electronically, providing yet further evidence when reviewing the overall quality and safety history of an end product.
Providing context with metadata and integration
Raw data, in and of itself, is often of little use without some associated metadata to imbue it with relevance. The fact that a particular room’s temperature was 73°F, for example, is of limited value. Knowing that same room’s temperature is 73°F when it typically should be 64°F adds a fairly significant piece of context to the original data and could provide valuable clues as to why the quality of a particular product batch may have been compromised. Add data from a card scanner that indicates that a particular individual gained access to the room and physically reset the temperature and you have now added accountability to the equation and have a more complete picture of what happened at that precise moment in time.
In the previous example, you can clearly see how the aggregation of data and metadata from different sources allows substantial added value to be derived by the creation of true environmental intelligence. This underscores the significant role total environment management solutions can play in the overall Part 11 compliance mix, helping you (and possibly the FDA) form a more complete, holistic picture of what really occurred.
An integrated security example
Another critical area of Part 11 functionality that can directly affect the safety of the end product is that which restricts access to the system by unauthorized users. However, as with any username/password-based security system, these two tokens can be compromised. For example, an operator may write them down so they aren’t forgotten, or he might share them with someone else in the department. As a result, by using a production process-only Part 11-based solution, you can easily identify who was logged in under a particular username/password combination on any given terminal, but there is no way to know whether that individual was actually the one who made the changes logged to the audit trail.
With a total environment management solution, however, you can track who enters a room by their physical security item, then see whether the login information corresponds with any of the individuals who have entered the room. If, for example, Joe Smith is the only operator who has gained access to a secure area, yet Bob Stephens appears as a login for that system during the same time period, you can be relatively certain that access was gained-to either the room or the system-under false pretenses and take immediate action. The corrective security action can also be indicated in a log report and made available to FDA inspectors or authorities, should the need arise. With the addition of a security camera, you have a total, accurate, near-foolproof system for delivering the ultimate in security and system integrity for your employees and your customers.
Deliver peace of mind, but watch the bottom line
One of the most compelling aspects of Part 11 is that the regulation actually encourages companies to move into the paperless, and thereby more automated, arena. This will introduce new efficiencies, as well as time and cost savings, into the overall production process and help manufacturers to ultimately reduce costs and boost ROI. To get there, however, the initial investment in software, services, training, validation, and documentation development must first be subsumed. Due to the complexities and expense of these items, many companies have waited for the FDA’s recent onerous enforcement activities to begin moving toward compliance. However, if vendors are chosen wisely and the manufacturer does his due diligence prior to purchasing by conducting thorough product assessments and vendor audits, there can be tremendous time and cost savings realized both immediately and down the road.
From both the production and the building automation perspectives, two words should be front-of-mind when evaluating solutions: interoperability and comprehensiveness.
Interoperability: Technology is advancing, and is being adopted, at a remarkable rate. At no time in history has change come so quickly, and it’s finding its way onto our desktops and into our buildings at an ever-increasing rate. Because of the rapid advances from across the entire landscape, you want to be sure that you’ll always have the flexibility to work with best-of-breed, complementary products, regardless of the vendor. So when you’re ready to implement a solution, make sure that it has an extensive, diverse driver library and can converse freely using many of the open protocol, networking, and software standards currently available, such as Ethernet, TCP/IP, BACnet, LON, Modbus, OPC, XML, and SQL. By doing so, you can both facilitate interoperation with legacy systems and maximize your forward migration opportunities.
Comprehensiveness: Many of the concepts and functionalities encompassed in this article are provided by devices from diverse fields of the facility automation landscape-from HVAC to access control, digital video surveillance to fire detection. As such, they typically require different interfaces to get the job done. After all, collecting data on a temperature point once per minute is a very different activity from checking an employee ID against a database in subsecond time. However, a total environment management solution will deliver this complementary functionality within a single architecture, eliminating the time, expense, and aggravation typically associated with the work necessary to attempt this through the integration of disparate “point solution” products.
A compliance umbrella for all
An often overlooked benefit of a total environment management system is its ability to provide a compliance “umbrella” for the myriad subsystems and devices that connect as part of the overall solution architecture. The traditional types of facility automation peripherals such as VAVs, chillers, card readers, and door controllers are naturally covered; however, other devices that may contain critical information but do not have the requisite computational processing, durable media storage, or alarming and database management capacities can easily be included in the fold as well. Such devices include variable speed drives, programmable logic controllers, power monitoring equipment, lighting controllers, and fire monitoring systems.
On a production level, changes are typically made and recorded by HMI/SCADA applications. For the building security and automation business, however, this critical functionality has been previously overlooked. As indicated earlier, the environmental factors of a production environment can have a significant impact on the quality of the end product. Consequently, it is of equal importance to limit the control of, and document the interactions with, the systems that govern the environmental and security conditions of a building.
Through a total environment management system, companies will be able to capture every interaction performed between personnel and hardware device-every time a setpoint is changed, every configuration change made to an HVAC field controller, every alteration made to a card scanner-and have it stored in the same unalterable record format dictated by the FDA.
As an individual creating a pilot-scale operation, you have to remember that the core decision-making process begins with the proper analysis of the life cycle of that pilot-plant operation. This will best help your team determine the level of automation required for your operations and ultimately define how to utilize and create an environment supporting, and supported by, 21CFR Part 11 compliance.
Clive Smith is global market segment leader for life sciences at TAC. He is a 20-year veteran of the facility, industrial, and aerospace automation businesses. Having spent many years in the United Kingdom automation sector, he transferred to the United States 10 years ago to progress his career with a major industrial automation company. For the last four years his extensive experience and expertise have been dedicated to the development and promotion of the life sciences interests of TAC. He holds a degree in computer science, mathematics, and statistics. He can be contacted at (978) 975-9658 or via e-mail at firstname.lastname@example.org.
Kevin Healy is a national sales manager for LUWA USA, Inc. He has a master’s degree in engineering from Drexel University and has been serving different facets of the life sciences industry for over 10 years. He can be contacted at (610) 717-7657 or via e-mail at email@example.com.
Part 11 offers a win-win situation
Each year, the FDA receives many submissions, including more than 100 original new drug applications (NDAs) from pharmaceutical companies wanting to introduce new drugs, market a drug for a different therapeutic purpose, or change dosage recommendations. Since the introduction of Part 11, the FDA can now review NDAs more efficiently and at a lower cost by utilizing electronic records. Everyone wins: Consumers benefit from faster introduction of critical medications; drug companies can earn as much as $1 million a day from leading drugs; and taxpayers fund a more efficient agency.
The FDA employs 700 reviewers to review NDAs, which can contain as many as 1,000 volumes of 300 pages each and must be submitted in triplicate. “When NDAs are submitted electronically instead of on paper, reviewers have fully searchable files that are easier to locate and distribute. Plus, the costs to the agency of storing these documents are reduced substantially,” says Greg Brolund, associate director of technology and policy for the FDA’s Center for Drug Evaluation and Research (CDER).