e-Compliance Requirements Initiative


Although e-Compliance and data integrity requirements have been defined decades ago, the regulated pharmaceutical industry is still struggling with the accurate implementation of such requirements in the daily business activities.

There are several causes for this inappropriate situation:

  • Difficulties for the regulated industry – pharmaceutical manufacturers – to spell out in the solution/system specifications (URS) e-compliance requirements accurately and consistently
  • Inability for the solution providers – equipment manufacturers, software editors ... – to understand and interpret such e-compliance requirements and to take those into account by designing software solutions.

Searching for culprits is not today's goal.

Furthermore, the aim is to help the regulated pharmaceutical industry and its suppliers to implement regulatory requirements, including e-Compliance requirements, consistently and efficiently.

e-Compliance Requirements Initiative; CC-BY-NC-SA 2017; Yves Samson

Purpose and objectives

The purpose of the e-Compliance Requirements Initiative – eCRI – is to propose a discussion and working platform to enable regulatory knowledge sharing between industry and suppliers.

The main objective is to build task forces dedicated to the elaboration of different sets of e-Compliance requirements (URS) for the various types of system and solution.

Compliance requirement mythos

A solution will never efficiently implement regulatory e-Compliance requirements if the related URS states, for instance:

  • The system must comply with Annex 11.
  • The system must comply with 21 CFR 11.
  • The system must support access control.
  • The system must have an audit trail.
  • The system must have validated interfaces.
  • The system must be able to archive data.

> Regulated user duty

It is regulated user duty to spell out requirements in a way requirements are understandable, usable, testable, and complete.

> Supplier duty

It is supplier duty to take over such requirements into the design of the developed solutions.

It is supplier duty to be able to challenge and to improve these compliance requirements for achieving a reliable and efficient implementation.

It is supplier duty to educate and to train its personnel in order to improve implementation expertise and excellence.

Proposed approach – e-Compliance by Design

The e-Compliance Requirements Initiative proposes to build task forces for elaborating the e-Compliance relevant parts of URS for a specific system type, e.g.:

  • Laboratory equipment
  • Laboratory application (e.g. CDS, LIMS)
  • Process control system
    • Including skid-mount equipment
  • Serialisation solutions
  • Clinical application
  • IT application (e.g. ERP, MES, eDMS).

In order to enable concurrent work, the relevant e-Compliance topics will be assigned to different task forces with the mission to cover comprehensively the specific topic; e.g.:

  • Access control and user management
  • Audit trail
  • Archiving
  • ...
  • Printouts
  • ...
  • Configuration management
  • ...
  • Periodic evaluation
  • ...
  • Long term support
  • ...
  • Virtualisation

The primarily focus will be put on the technical implementation (features) of Annex 11 to European GMP, 21 CFR 11, and data integrity (ALCOA+).

How to ...

... participate

Every volunteer is welcome.

The main objective of the Initiative is to bring together:

  • Regulated user representatives (members of regulated pharmaceutical companies)
  • System and equipment supplier / software solution provider representatives
  • Subject Matter Experts; e.g.:
    • Engineers
    • Software developers
    • IT SME
    • Consultants

The volunteers could be from:

  • Project engineering department (e.g. automation)
  • Site engineering
  • Quality Assurance department
  • Quality Control department
  • Analytical department
  • Software development organisation
  • ...

The work will consist of:

  • Writing work: i.e. elaboration of the requirements
  • Consolidation of the proposed inputs
  • Review and comment of the produced requirements.

The task forces will work based on phone conferences and e-mails, as well as, if appropriate, face-to-face.

The documents will be written in English and they will be freely available (public domain).

If you are interested to participate, you should send an e-mail to: ecri@kereon.ch.

Contribution; copyright unknown

Because e-Compliance represents a real added-value and efficiency improvement!