Products Services Information About Contact
Products
Ofni Systems provides your FDA-regulated business with software and products to assist with 21 CFR 11, Annex 11, HIPAA, and other regulatory requirements for electronic data and signatures.
ExcelSafe
Part 11 Compliance For
MS Excel® Spreadsheets Simple To Use
Get spreadsheet control in a matter of hours Full Part 11 Compliance
Audit trails, electronic signatures and user security Spreadsheet Validation
We are FDA experts on spreadsheet validation Free Trial
Get a copy of Excelsafe to test today
FastVal
A Complete Validation Management Solution Create Documents
Fastval creates all your validation documents Electronic Execution
Execute validation protocols electronically Deviation Tracking
Deviation generation, tracking and management Project Management
Tools and reports to help manage people & projects
Ofni Clinical
eCRF Data Collection Database For Clinical Trials Case Report Forms
Converts your paper CRF's into eCRF's Edit Checks
Ensure data integrity with validation rules MedWatch Reporting
Automatically generates MedWatch FDA Form 3500A Rapid Implementation
Ready to use in days, not weeks or months
Part 11 Toolkit
Makes Any MS Access® Database Part 11 Compliant Audit Trails
Track all changes made in a database Electronic Signatures
Secure data with electronic signatures Database Validation
Let us validate your database for you Free Trial
Try the Part 11 Toolkit in your own database
Part 11 Advisor
Part 11 Auditing, Remediation and Training Tool Starting Gap Analysis
Facilitates the process of starting gap analysis Assessments
Collect and review data to identify Part 11 gaps Long-Term Tracking
Track the completion of your corrective action plan On-site Implementation
Hands on training on 21 CFR Part 11
Services
Ofni Systems provides your business with the highest quality consulting services to meet all of your compliance and quality needs.
Validation Services Software Validation
 Method Validation
 Process Validation
 Equipment Validation
21 CFR Part 11 Part 11 Training
 Part 11 Auditing
 Compliance Testing
 Software Assesments
Clinical Trials Custom Databases
 Database Testing
 Statistical Analysis
 Statistical Reporting
Other Services Data Migration
 SOP Writing
 Process Automation
 Mock Audits
Information
Ofni Systems is committed to assisting organizations with electronic records compliance, such as 21 CFR Part 11 and Annex 11. Let Ofni Systems make knowledge management simple for you.
21 CFR Part 11
A complete set of resources for 21 CFR Part 11 21 CFR 11.10(a)
Validation of computer systems 21 CFR 11.10(b)
Accurate Generation of Records 21 CFR 11.10(c)
Protection of Records 21 CFR 11.10(d)
Limited System Access 21 CFR 11.10(e)
Audit Trails 21 CFR 11.10(f)
Operational System Checks 21 CFR 11.10(g)
Authority Checks 21 CFR 11.10(h)
Input Checks 21 CFR 11.10(i)
Education, Training and Experience 21 CFR 11.10(j)
Policies for Electronic Signatures 21 CFR 11.10(k)
Document Control Part 11 FAQ
Validation of computer systems
Validation Resources
On selected validation documents Validation Planning
Define the scope and goals of a validation project. Requirement Gathering
Operations and activities that a system must be able to perform. Design Specification
Design Specifications describe how a system performs the requirements Installation Qualification
Verifies the proper installation and configuration of a System. Summary Report
Provides an overview of the entire validation project.
Other Resources
More information on FDA compliance FDA Warning Letters
Sample FDA 483 and Warning Letters Part 11 Publications
Useful 21 CFR 11 resources. Clinical Data Management
Best practices in handling data from clinical trials. Ofni Compliance Blog
Resources and information straight from the Ofni team.
About Ofni Systems
Ofni Systems is dedicated to helping companies address the requirements of 21 CFR Part 11, Electronic Records and Electronic Signatures.
Clients
Alliances
Employment
Customer Support

Pharmaceutical Manufacturer


Page 3 of 41234

Warning Letter: Failed to validate input/output (ucm214564)

Tags: | |

Your firm failed to check the accuracy of the input to and output from the computer or related systems of formulas or other records or data and establish the degree and frequency of input/output verifications. For example, the performance qualification of your [redacted] system software (Validation No. 4000-03-PQ-0002) failed to include verification of the expiration date calculations in the [redacted] system. In addition, there is no established degree and frequency of performing the verification. Discrepancy reports have documented that product labeling with incorrect expiration dates have been created and issued for use.

View the original warning letter.


Warning Letter: Uncontrolled spreadsheets (ucm227896)

Tags: | |

Your firm has failed to exercise appropriate controls over computer or related systems to assure that changes in master production and control records, or other records, are instituted only by authorized personnel [21 C.F.R § 211.68(b)].

  • Your firm’s laboratory analysts have the ability to access and delete raw chromatographic data located on the [redacted] of [redacted] used to conduct HPLC testing. Due to this unrestrictive access, there is no assurance that laboratory records and raw data are accurate and valid.
  • Your firm’s laboratory analysts have the ability to access and modify the  formulas in the Excel spreadsheets  used to calculate assay results for Guaifenesin and [redacted] drug products. Due to this unrestricted access, there is  no assurance that the formulas in the Excel spreadsheets are accurate and valid.

View the original warning letter.


Warning Letter: Lack of security for electronic data (ucm197966)

Tags: | |

Your firm has not exercised appropriate controls over computer or related systems to assure that changes in master production and control records or other records are instituted only by authorized personnel [21 CFR 211.68(b)].

For example, your firm lacks systems to ensure that all electronic data generated in your Quality Control laboratory is secure and remains unaltered. All analysts have system administrator privileges that allow them to modify, overwrite, and delete original raw data files on the [redacted] used [redacted] in the High Performance Liquid Chromatography (HPLC) units. There are no procedures that address the security measures in place for generation and modification of electronic data files for these instruments used for raw material, in-process, finished product and stability testing. In addition, your firm’s review of laboratory data does not include a review of an audit trail or revision history to determine if unapproved changes have been made.
View the original warning letter.


Warning Letter: Database validation (ucm162745)

Tags: | | |

Failure to routinely calibrate, inspect, or check according to a written program designed to assure proper performance of automatic, mechanical, or electronic equipment, including computers, used in the manufacture, processing, packing and holding of a drug product. [21 CFR 211.68]

The Enterprise Resource Planning System known as the firm’s Systems Applications and Products (SAP) computer database allows rejected batches of drug product to be in Unrestricted Status (to be released for distribution).

During the inspection, you provided our FDA investigators a spreadsheet that you stated contained data for calibration of [(b)(4)], however, you were not able to provide the raw calibration data. In addition, the calibration data for the [(b)(4)] that you provided in your December response in Attachment #9 do not correspond to the [(b)(4)] observed by our FDA investigators.

View the original warning letter.


Warning Letter: Spreadsheet Calculations not Verified or Documented (ucm174100)

Tags: | | |

Your laboratory records did not include a record of all calculations performed in connection with laboratory tests as required by 21 CFR § 211.194(a)(5). For example, laboratory notebook #7, page 49, documents the assay results, but not the calculations performed in Test number DSFS D-13 and Test number TG 521 for the analysis of [redacted], lot #HI7908. The notebook does not document reference to the spreadsheet calculation used to generate the results. In addition, the assay results generated by the spreadsheet were not verified for accuracy. Your response dated February 16, 2009, states that you have established procedures to ensure that calculations of method validation studies are recorded. The Records Management SOP, Section 5.7.4.7, states that the procedures shall define what and how data is to be recorded in respective logbooks. However, this SOP omits instructions to include in the notebook the reference to the spreadsheet calculation used to generate the results, as well as the raw data and calculations. In addition, you continued to release products based on assay results generated by the spreadsheet that have not been verified for accuracy.

View the original warning letter.


Warning Letter: Failure to validate computer system (s7045c)

Tags: | |

Failure to establish written procedures for production and process control designed to assure that the drug products have the identity, strength, quality, and purity they purport or are represented to possess [21 CFR § 211.100(a)]. For example, your firm’s automated packaging line processes and their respective software systems have not been validated .

View the original warning letter.


Warning Letter: Lack of controls and audit trails (ucm1048180)

Tags: | | |

The [redacted] data acquisition system for the [redacted] UV/Visible spectrophotometers allows your analysts to modify, overwrite, and delete original raw data files. The spectrophotometers are used for dissolution testing of finished product, stability samples, and process and method validation studies. All laboratory personnel were given roles as [redacted] Managers, which allowed them to modify, delete, and overwrite results files. This system also does not include an audit trail or any history of revisions that would record any modification or deletion of raw data or files. Your laboratory computer system lacks necessary controls to ensure that data is protected from tampering, and it also lacks audit trail capabilities to detect data that could be potentially compromised.”

View the original warning letter.


Warning Letter: Failure to validate/Insufficient Controls (s6630c)

Tags: | |

Failure to have a validated and secure computerized system. Additionally, there were no written protocols to assign levels of responsibilities for the system. It was noted that the [redacted] instrument model [redacted] used for the analysis of [redacted] failed to have password control for the analysts and the supervisor. It was observed that the data stored on the computer can be deleted, removed, transferred, renamed or altered. While your firm’s management stated that they would like to implement certain improvements in order to establish a security system, no documentation or commitment has been provided. Please note that computerized systems should have sufficient controls to prevent unauthorized access or changes to data. There should be controls to prevent data omissions and assure back-up. There should be a record of any data change made, the previous entry, who made the change, and when the change was made.

View the original warning letter.


Warning Letter: Failure to validate software (s6357c)

Tags: | |

Appropriate controls are not exercised over computers or related systems to assure that changes in analytical methods or other control records are instituted only by authorized personnel [21 CFR 211.68(b)]. Specifically,

  • There was a failure to validate the [redacted] software to assure that all data generated by the system was secure. This software runs the laboratory HPLC equipment, generates and stores data, and performs calculations during testing of raw materials, in-process materials, finished products, and stability samples.
  • User access levels for the [redacted] software were not established and documented. Currently, laboratory personnel use a common password to gain access to the system and there are no user access level restrictions for deleting or modifying data. Furthermore, your system does not have an audit trail to document changes.

View the original warning letter.


Warning Letter: Failure to record in audit trail (ucm076260)

Tags: | |

On January 11, 2006, during content uniformity testing of[redacted], the analyst noticed that the first two capsules were out-of-specification

and the run was aborted. The audit trail for the laboratory data acquisition system does not indicate that the run was aborted and the analyst did not print the sample results or record the failing results in the laboratory notebook.

View the original warning letter.




Page 3 of 41234
Ofni Systems Logo
Products Services Information About Contact Privacy Terms Of Use |   (919) 844-2494 Google+