Professional Documents
Culture Documents
Computer Systems Validation 2nd Edition 2015 2
Computer Systems Validation 2nd Edition 2015 2
VALIDATION
2nd Edition
November 2015
on behalf of the
NHS Pharmaceutical Quality Assurance Committee
This risk can be mitigated or at least controlled via a robust program of system validation
starting from the initial procurement stages of a new system and continuing throughout
the system’s lifecycle.
While the need for bespoke validation may seem onerous, the high level of variability in
a modern system means that no two systems are identical. For this reason, although
system manufacturers may provide validation packages, such material can only ever
provide a basis for validation and should be supplemented with local testing on the
actual system in place in the department.
It is essential that all of these components work as expected otherwise the desired
outcome (for example a clear, accurate, legible label to put on a product) cannot be
achieved.
The following example occurred in an American Hospital but is wholly applicable to the UK.
Chain of events
1. The new E-prescribing system was set up with option of ordering in “mg” or
“mg/kg” to allow flexibility
2. Doctor original order in mg/kg for 38.6kg patient
“Rx Co-trimoxazole 5mg/kg”
Dose = 193mg
3. Order arrives in Pharmacy for screening, Pharmacist notes that the closest tablet
= 160mg – Pharmacist asks doctor to alter prescription to “160mg”.
4. Doctor opens original order and types “160” but forgets to change dosing mode
to “mg”
We need to ask ourselves could this have been foreseen and prevented by:
Validation of the system – finding the problem before it can cause harm
Different system design
User training
2. Documentation of requirements
Once the overall objective of a new system is defined, the exact requirements of
what the system will need to achieve in its operating environment is documented
in detail via the creation of a “User Requirement Specification” (URS). This
document should take a stepwise approach through the processes which will be
performed while using the system in order to identify all possible functionality the
end user would like the system to provide.
Particular attention should be given to ensuring the new system can exactly
mirror any existing complex manual processes to give the same end result. Areas
where electronic systems have been seen to fall short are;
Multiple dilutions of a starting material to arrive at patient doses (E.g.
preparation of paediatric antibiotics which require a lower concentration
than provided for by manufacturer instructions)
Product expiry times shorter than the system allows (E.g. Melphalan with a
90 minute expiry when the system expects expiry in whole-hour
increments)
Allowing staff to split doses for subcutaneous administration for the
purposes of patient comfort.
However the URS should not overlook the most basic of functionality as it is has
been known for even fundamental points to be lacking in a system as shown by
the following example;
When questioned, the system provider explained that there had been a large number of
errors among Spanish speakers with limited command of English who read “ONCE” and
interpreted it as the Spanish number 11. Requests to change this functionality for UK
systems were refused.
Each of the aspects of the system should be taken in turn and evaluated as to
potential failure modes. To facilitate this process it is sometimes useful to employ
tools such as FMEA (Failure Mode and Effect Analysis) or SWIFT (Structured
What-IF Technique) to systematically identify potential routes of failure in a
system.
Once identified the potential routes of failure should then undergo risk
assessment as follows:
Beware manufacturers’ “Validation Packages”. They prove that the system worked:
The rule came programmed as follows (N.B. system coding has been removed);
o “Discontinued”
o “Canceled”
AND
OR
The rule had been created by the American system designers and worked for all US
sites using the system to send similar reports to the FDA.
However the UK hospital noticed that the reports only ever got sent due to
“discontinued” medicines and not for those marked as “Cancelled”
The System worked when tested in the US….but in the UK we saw “one L” of a
difference in testing!
Functionality
A new interface for the electronic prescribing system is proposed. The system will take
results from the Trust Pathology system and populate the patient record. It will also be
possible for medical staff to enter biochemical result data manually.
Data via either route is not “sense checked” leading to gross error which could
affect treatment decisions
10. Documentation
Once all validation activities are completed, each validated system will have a set
of documentation comprising:
User requirement specification
Record of risk assessment carried out against requirements
System Validation Report to include:
Detail of IQ test results
OQ protocol (comprising a full set of completed test cases)
Traceability matrix (tying together risk assessment outcomes
with OQ test cases)
PQ Protocol (with results of “In-Use” testing performed)
A system description detailing:
Principles, objectives, and scope of the computerised system
System topology (listing computers, and associated servers,
networks etc.)
Security measures (including full listing of current user
permissions)
Interfaces to other systems
Record of requests for changes to the system
Training records: User training is a key part of any system and records
should be kept of all staff trained to use the system and the level of
permissions assigned to that user following training. Delivery of training
should make use of a range of trainers and not rely solely on the
system expert to ensure information is presented in a form understood
by all users.
The validation methods and activities for all computerised systems present in a
unit should be detailed in an over-arching document (sometimes referred to as a
“Computerised System Validation Master Plan” (CSVMP))