1 April 2007
FDA pharmaceutical regulation 21CFR11 is making its mark across the industry; drug developers, drug manufacturers, equipment suppliers must comply.
By Ellen Fussell Policastro
Kathleen Waters works in South San Francisco as a principal automation engineer at Genentech, a biotech company that uses human genetic information to discover, develop, and manufacture biotherapeutics to address life-threatening illnesses. Part of Waters' job is dealing with FDA regulations. The 21 CFR Part 11 (21CFR11) regulation deals with data handling and criteria under which the FDA considers electronic records and signatures, as well as handwritten signatures executed to electronic records, to be trustworthy. (See "FDA 21CFR11: The basics") While Waters and her team must deal with 21CFR11, she admits only a handful of predicate rules apply to Part 11. (See "Predicate rules") So it is important to assess each situation based on equipment use and not just on the rules.
Waters' team deals with equipment cleaning and maintenance, equipment use, master batch records, master production, and control records sampling. The new guidance document, which came out three years ago from the FDA on Part 11, has forced people to think; "just because you have records on a system, doesn't mean they're Part 11 records," she said. "In the new document, there was a much higher focus on predicate rules [CFRs], and because of that, when you look at Part 11 applicability on systems, you don't look at records of signatures, but how the system will be used," she said.
Here's how it works with Waters' team. When dealing with a new system coming into the plant, they will conduct a Part 11 assessment. The first step is to make sure Part 11 applies to the equipment. "If it does, we identify what rules it applies under; if it doesn't apply, we have to state the intended use and why it doesn't apply," she said. One situation in which 21CFR11 would not apply is if the plant bought an autoclave controller, in which a basic module prints out a report used for equipment tracking of temperatures and alarms. That is valuable from an operational perspective because "there are other ways to get that data, so that printout or that capture doesn't necessarily warrant being a Part 11 record," she said. "If you've integrated all your equipment with a data historian, your data historian is the repository of record for a lot of this data."
In another instance, when buying a new centrifuge (equipment used for protein extraction-to purify proteins or separate materials), Waters' team assesses what products will run on the equipment, and where they'll use it, such as with the manufacturing execution system (MES) and the plant data historian. "We define the whole problem and do a Part 11 assessment, going through the CFRs and looking for rules that apply to this piece of equipment," she said. "Because this system has recipes in it, there's a predicate rule associated with it, and it is product specific. So we determine if we have Part 11 applicability. If Part 11 applies, we look at what records we maintain in the system in electronic format. Because a lot of controllers don't maintain records, there's no Part 11 record in the controller, but they are in the SCADA system or HMI. Generally these records are the configuration of the system, which includes recipes, any type of trending maintained on that system, and an alarm event log for actions or interventions with the system," she said.
It is important to be subjective when assessing CFRs and putting systems in place, Waters said, because companies will do things differently based on what their infrastructure is. With source code, for instance, vendors might build in ways to do audit trails in configurations. But some companies have a standard system they use (such as a configuration management system external to process control). "They've built procedures around it to maintain this audit trail," she said. "So the question then becomes: Does it make sense to use vendor XYZ's tool when you already have a proven tool? We'll extract that data out and move it into a different system, or we might say yes we are going to use that. There's no best way to do it."
Complying for record storage
Just as drug makers need to assess their processes to figure out where and when to comply with 21CFR11, equipment manufacturers design or purchase different software packages to help end users comply.
Fluid Air manufactures shear granulators or mixers and fluid bed driers for powders in solid dosage processing, in Aurora, Ill. The company also uses software for storing electronic records. "We developed proprietary software that has to do with batch processing," said Sarah Crutchfield, the company's manager of software development. The company also purchased batch architect software. "They both accomplish the same task, but it depends on which brand the customer wants to go with," she said. Both systems comply with 21CFR Part 11 by providing means for electronic signatures and creating and storage of electronic records.
Before the regulation, everything was done on paper records, "but now if you choose to provide the FDA with records in electronic format, you must comply with Part 11, which still allows paper records to be submitted," Crutchfield said. This makes sense for smaller companies who could find it too expensive to implement electronic systems. In such cases, "they would still have a paper batch record that would record that information," she said.
Using the right software helps in other ways than just complying with the standard. Using the technology to create secure records and keeping computer processes familiar to operators makes it easier to find those records in the future rather than having paper files, Crutchfield said. "We have part of our batch processing in which we create recipes to control the process so it should be able to run without operator intervention. This way it provides a more consistent product in the end when it's computerized, and we're eliminating human error."
Suppliers build in software packages
Quite a few hardware and software manufacturers have been designing technologies into their equipment to meet compliance requirements. The goal is to make it easier to provide unalterable records, encryption, and increased security, and to eliminate the possibility of making modifications without a record. Quite a few hardware and software vendors have redesigned and upgraded offerings to help customers in pharmaceuticals, biotech, and medical industries, especially with security features in HMI software.
Adding security features and permissions to define individual users provides a tool for integrators to meet 21CRF11 with data recording and storage. When an operator logs in, it is recorded with encrypted data log files. When running a recipe, the operator who has logged in can acknowledge every operation of the recipe," said James Davis, senior systems engineer at Opto 22, a manufacturer of hardware and software products that link electrical, mechanical, and electronic devices and machines to networks and computers, in Temecula, Calif. "That's the main heart of this regulation. Every operation code performed is logged and time stamped, and the current operator is noted." The most common architecture on the user end is a recipe residing in a sequel database. Software for compliance gives developers a chance to set up the operator, pull up the recipe, and run it a step at a time, Davis said. Features in equipment might be to automatically increment up the day and hour with the time stamp whenever there is a change to a control program.
The significant aspect of any software feature is to be certain the person making the change is authorized to make it and is completely identified by a file that can't be altered or removed, said Tom Edwards, Opto 22's senior technical advisor. "That puts the information in as part of the database file. So it's a functional part of our record."
Edwards said he believes the trend in the next few years could be companies responsible for building equipment that is part of a validated system will become smaller because the process adds overhead. "From my perspective, the validation process is awkward and difficult. Whether or not a company chooses to participate is a question that goes to the core of doing business. It's a pain to deal with a validation process. Some suppliers might just start opting out; we've decided to opt in by making more tools," he said.
Some companies building in software go to a lot of trouble to meet 21CFR11 requirements, such as building the audit trail and making it difficult to make a change. Others have backed away from building that security into their system. The future could hold a more select group of suppliers who have gone to the trouble of adding the features to help validate the process, Edwards said. "All we've done is tried to give all the tools to the ultimate person responsible for validation."
ABOUT THE AUTHOR
Ellen Fussell Policastro is the associate editor of InTech. Her e-mail is firstname.lastname@example.org.
FDA 21CFR11: The basics
By Jack Greene
21 CFR Part 11 (21CFR11) compliance has become a major concern within pharmaceutical and biotechnology industries. Most compliance schema are equipment-specific and result in plants with a series of isolated mechanisms for 21CFR11 compliance. This non-integrated approach is difficult to design, implement, and validate and is cumbersome to maintain and defend to regulatory authorities. There are mechanisms to help capture and filter all operator actions, such as setpoint and recipe changes, manual overrides, alarm acknowledgement, and starts/stops/aborts with full audit trail support that includes date, time, and operator ID.
The FDA 21CFR11 audit trail requirement says manufacturers need to capture a date, time, and operator identity for all electronic records. PLC and DCS systems in a continuously running state read inputs, do math, and control outputs without any operator intervention. While the source code is an electronic record you have to maintain, the running control system does not produce electronic records, and therefore meets the electronic records requirements of 21CFR11.
While the 21CFR11 is a lengthy rule with a large scope, its electronic records requirements boil down to three core areas: access control to systems and electronic records, audit trails on electronic records, and revision control on electronic records. Manufacturers must control physical access to the process as well as logical access to the servers where they store raw data. Audit trails must accompany the raw data and include the date, time, and operator ID whenever an operator creates or modifies a record. Records must have version control where a modified record does not obscure the previous value.
Challenges in HMI design
Since the human machine interface (HMI) is the location where operators take action and acknowledge alarms, it is a challenge to design a 21CFR11 compliant HMI. Modern HMI systems maintain alarm logs and operator action logs to track all mandated 21CFR11 information. These systems have the ability to export the logs into an ODBC compliant database or historian for reporting. But the difficulty depends on two questions. First, since we need to develop and deploy new solutions for managing alarms and activity logs for each brand of HMI platform in a plant, how many different vendors supply the plant HMI? Second, unless procedural mechanisms are in place to guarantee they are synchronized, we need to validate each location where the HMI source code exists. On how many stations does the HMI source code exist?
If a plant standardizes on a single HMI platform, it can significantly reduce the design and commissioning costs. (Since the solution is portable, this cost and complexity reduction becomes even more significant as we add more standardized plants.) Traditional HMI models have the HMI source code deployed locally to the HMI station. If there are five stations, there are five source code trees to maintain. If the HMI application deploys to terminal servers, this task becomes significantly easier, as all source code lives on servers and the stations are reduced to thin clients. Since modern HMI systems are able to communicate with any brand of OPC compliant PLC, it is possible (with careful specification and integration) for all of the control systems in a plant to use the same HMI platform.
About the Author
Jack E. Greene is associate director of laboratory and process automation systems at Alkermes, Inc., a biotech firm in Cambridge, Mass. This is an updated, edited version of a paper originally presented at WBF 2005 North American Conference, May 2005 in Atlantic City, N.J.
Predicate rules are requirements in part 21 CFR Food and Drug regulations, promulgated under the authority of the Food Drug and Cosmetic Act or under the authority of the Public Health Service Act. Here are more in the food and pharmaceutical sectors.
Good manufacturing practices