Products Services Information About Contact
Products
Ofni Systems provides your FDA-regulated business with software and products to assist with 21 CFR 11, Annex 11, HIPAA, and other regulatory requirements for electronic data and signatures.
ExcelSafe
Part 11 Compliance For
MS Excel® Spreadsheets Simple To Use
Get spreadsheet control in a matter of hours Full Part 11 Compliance
Audit trails, electronic signatures and user security Spreadsheet Validation
We are FDA experts on spreadsheet validation Free Trial
Get a copy of Excelsafe to test today
FastVal
A Complete Validation Management Solution Create Documents
Fastval creates all your validation documents Electronic Execution
Execute validation protocols electronically Deviation Tracking
Deviation generation, tracking and management Project Management
Tools and reports to help manage people & projects
Ofni Clinical
eCRF Data Collection Database For Clinical Trials Case Report Forms
Converts your paper CRF's into eCRF's Edit Checks
Ensure data integrity with validation rules MedWatch Reporting
Automatically generates MedWatch FDA Form 3500A Rapid Implementation
Ready to use in days, not weeks or months
Part 11 Toolkit
Makes Any MS Access® Database Part 11 Compliant Audit Trails
Track all changes made in a database Electronic Signatures
Secure data with electronic signatures Database Validation
Let us validate your database for you Free Trial
Try the Part 11 Toolkit in your own database
Part 11 Advisor
Part 11 Auditing, Remediation and Training Tool Starting Gap Analysis
Facilitates the process of starting gap analysis Assessments
Collect and review data to identify Part 11 gaps Long-Term Tracking
Track the completion of your corrective action plan On-site Implementation
Hands on training on 21 CFR Part 11
Services
Ofni Systems provides your business with the highest quality consulting services to meet all of your compliance and quality needs.
Validation Services Software Validation
 Method Validation
 Process Validation
 Equipment Validation
21 CFR Part 11 Part 11 Training
 Part 11 Auditing
 Compliance Testing
 Software Assesments
Clinical Trials Custom Databases
 Database Testing
 Statistical Analysis
 Statistical Reporting
Other Services Data Migration
 SOP Writing
 Process Automation
 Mock Audits
Information
Ofni Systems is committed to assisting organizations with electronic records compliance, such as 21 CFR Part 11 and Annex 11. Let Ofni Systems make knowledge management simple for you.
21 CFR Part 11
A complete set of resources for 21 CFR Part 11 21 CFR 11.10(a)
Validation of computer systems 21 CFR 11.10(b)
Accurate Generation of Records 21 CFR 11.10(c)
Protection of Records 21 CFR 11.10(d)
Limited System Access 21 CFR 11.10(e)
Audit Trails 21 CFR 11.10(f)
Operational System Checks 21 CFR 11.10(g)
Authority Checks 21 CFR 11.10(h)
Input Checks 21 CFR 11.10(i)
Education, Training and Experience 21 CFR 11.10(j)
Policies for Electronic Signatures 21 CFR 11.10(k)
Document Control Part 11 FAQ
Validation of computer systems
Validation Resources
On selected validation documents Validation Planning
Define the scope and goals of a validation project. Requirement Gathering
Operations and activities that a system must be able to perform. Design Specification
Design Specifications describe how a system performs the requirements Installation Qualification
Verifies the proper installation and configuration of a System. Summary Report
Provides an overview of the entire validation project.
Other Resources
More information on FDA compliance FDA Warning Letters
Sample FDA 483 and Warning Letters Part 11 Publications
Useful 21 CFR 11 resources. Clinical Data Management
Best practices in handling data from clinical trials. Ofni Compliance Blog
Resources and information straight from the Ofni team.
About Ofni Systems
Ofni Systems is dedicated to helping companies address the requirements of 21 CFR Part 11, Electronic Records and Electronic Signatures.
Clients
Alliances
Employment
Customer Support

Computer System


Page 11 of 14« First...567891011121314

Warning Letter: Failure to validate/Insufficient Controls (s6630c)

Tags: | |

Failure to have a validated and secure computerized system. Additionally, there were no written protocols to assign levels of responsibilities for the system. It was noted that the [redacted] instrument model [redacted] used for the analysis of [redacted] failed to have password control for the analysts and the supervisor. It was observed that the data stored on the computer can be deleted, removed, transferred, renamed or altered. While your firm’s management stated that they would like to implement certain improvements in order to establish a security system, no documentation or commitment has been provided. Please note that computerized systems should have sufficient controls to prevent unauthorized access or changes to data. There should be controls to prevent data omissions and assure back-up. There should be a record of any data change made, the previous entry, who made the change, and when the change was made.

View the original warning letter.


Warning Letter: Failure to validate processes (ucm076566)

Tags: | |

Failure to validate manufacturing processes and approve according to established procedures, where the results cannot be fully verified by subsequent inspections and tests. [21 C.F.R. 820.75(a)] Specifically: Computer Numerical Control (CNC) Machine #C-4 had out of specification results during operational qualification conducted during validation. These out of specification results were not investigated or addressed in the validation report.

View the original warning letter.


Warning Letter: Failure to validate computer software (s6537c)

Tags: | |

Failure to validate computer software for its intended use according to an established protocol when computers or automated data processing systems are used as part of production or the quality system; as required by 21 CFR 820.70(i). For example: For yours, Asheboro, NC, facility, the [redacted] Training Database software validation used to document employee training was deficient in that the test scripts were not available to show the execution of the software validation protocol. It appears that at least five (5) tests specified in the approved protocol were not performed.”

View the original warning letter.


Warning Letter: Employees not adequately trained (ucm076532)

Tags: | | |

Failure to establish procedures for identifying training needs, ensure that all personnel are trained to adequately perform their assigned responsibilities, and document training, as required by 21 CFR 820.25(b). For example: “a. Training records for a sterilizer operator and packager were requested at your Asheboro, NC, facility during the 2007 FDA inspection. Out of five (5) training records requested for the sterilizer operator, only two (2) were available. Two (2) training records were requested for the packager and only one (1) record was available.” “b. A number of documents were collected demonstrating that employees were not adequately trained, at your [redacted] facility.

View the original warning letter.


Warning Letter: Failure to maintain records (s6526c)

Tags: | |

Failure to maintain accurate, complete, and current records of each subject’s case history and exposure to the device [21 CFR 812.140(a)(3)].” “We also note that according to Ms. Little-Tierney, all of the original medical records involved in this study were discarded after they were scanned. Your response to the FDA 483 indicates that your medical practice normally operates as a [redacted] office, relying on [redacted] copies of records. Any [redacted] records you maintain must be sufficient to meet your underlying recordkeeping obligations. As we noted above, as an investigator, you are required to maintain accurate, complete, and current records as provided for in 21 CFR 812.140 (a). You must maintain all required records for a period of two years after the latter of the following two dates: the date on which the investigation is terminated or completed, or the date that the records were no longer required for purposes of supporting a premarket approval application or a notice of completion of a product development protocol. (See 21 CFR 812.140(d)).

View the original warning letter.


Warning Letter: Computer systems not validated (s6381c)

Tags: | | |

 
"Software used as part of the production quality system
was not validated
for its intended use according to an established protocol [21 C.F.R. 820.70(i)]. Specifically,
 
(a)
Spreadsheets
intended to check for outliers and calculate mean, SC, % CV, value assignments for finished devices.
(b) Complaint handling software
(c) Quantrol database program"

 

View the original warning letter.


Warning Letter: Failure to Validate MS Excel Spreadsheets (s6366c)

Tags: | | |

Failure to adequately validate the intended use of this PC and its software, as required by 21 CFR 820.70(i). “For example: the dedicated PC [redacted] attached to the [redacted] was not secure in that access to the data on [redacted] was not granted by a unique username and password or equivalent method; there as no documentation associated with the electronic data for whom was responsible for collection of the analytical results as several quality control personnel have access to the [redacted] no software changes in the study data could be detected as there was no audit trail capability ; and finally, the electronic data did not correlate with the paper records.”

View the original warning letter.


Warning Letter: Failure to validate computer software (s6338c)

Tags: | |

Failure to assure that when computers or automated data processing systems are used as part of the production or quality system the manufacturer shall validate computer software for its intended use according to an established protocol, as required by 21 CFR 820.70(i). For example, electronic records are used, but there was no software validation. No procedures are established to validate for its intended purpose the Microsoft Word or Microsoft Excel software used in creating and maintaining nonconformance records, product return records, internal audit corrective action records, or preventive action records. View the original warning letter.


Warning Letter: Failure to validate before implementation (s6328c)

Tags: | |

 
"Failure to
establish and maintain procedures
for the identification, documentation, validation, or where appropriate verification, review, and approval of design changes before their implementation, as required by 21 CFR 820.30(i). Specifically: a) In June 2006, your firm recalled 2455 units of the Spectrum Infusion Pump due to several events where the pump tubing mis-loaded when it was installed by the end user. Several design changes were made to the Spectrum Pump's hardware and software to better assist the end user in installing the pump tubing. These design changes were incorporated into the blanket Engineering Change Notice (ECN # 15501). This ECN contained several individual ECNs to cover each change that was made to correct the tubing mis-loading problem. However, the blanket ECN also included an individual ECN to implement the PCA/PCEA delivery modes within the Spectrum pump. ECN# 15501 and all individual ECNs under this blanket ECN were cleared for manufacturing on May 01, 2006. However, our inspection revealed the
software verification/validation
for the pump operating software version 4.00.04 and MDL software version 5, and the design of the hardware components associated with the PCA/PCEA module were not completed at the time the re-designed Spectrum pump was released for manufacturing. Yet, ECN # 15501 was approved for manufacturing by your firm's Approval Committee (consisting of representatives from Engineering, Manufacturing, Quality Assurance and Purchasing), without ensuring that the appropriate verification/validation for the PCA/PCEA functions were completed. More significantly, 257 units of the Spectrum pumps, manufactured between May 01, 2006, and June 26, 2006, were distributed into interstate commerce with an "enabled" version of this unvalidated PCA/PCEA function as replacements for defective devices that were returned to Sigma International as a result of the June 2006 recall."

View the original warning letter.


Warning Letter: Failure to validate software (s6357c)

Tags: | |

Appropriate controls are not exercised over computers or related systems to assure that changes in analytical methods or other control records are instituted only by authorized personnel [21 CFR 211.68(b)]. Specifically,

  • There was a failure to validate the [redacted] software to assure that all data generated by the system was secure. This software runs the laboratory HPLC equipment, generates and stores data, and performs calculations during testing of raw materials, in-process materials, finished products, and stability samples.
  • User access levels for the [redacted] software were not established and documented. Currently, laboratory personnel use a common password to gain access to the system and there are no user access level restrictions for deleting or modifying data. Furthermore, your system does not have an audit trail to document changes.

View the original warning letter.




Page 11 of 14« First...567891011121314
Ofni Systems Logo
Products Services Information About Contact Privacy Terms Of Use |   (919) 844-2494 Google+