From Acronym to Real-World Best Practices
In today’s Clinical ecosystem, when it comes to Computerized Systems Validation (CSV), there are increasing pressures from Organizational Standards (ISO 9000 Series), Governing Bodies (FDA), and other external influencers that can, when not properly interpreted, lead to introducing deadly waste in your organization. This waste can erode your customer experience and market share. With continuous and increasing pressures to drive value at the lowest cost, maximized productivity, and fastest speed to market, the pathway to success for Quality Leadership is a challenging one, laden with waste-filled landmines waiting to destroy your business and everyone in it.
For Non-Clinical systems within Clinical Organizations, applying the same process mandates employed to Scope, Design, and Execute Validation as well as Verify, Resolve, and Close Defects simply isn’t necessary since the impact from post release defects isn’t the same. No one accidentally gets a deadly insulin shot or the wrong surgical procedure if your salesforce test data is wrong or the workflow doesn’t operate as designed. We still want the best quality available but the severity and tolerance for defects is quite different. So what is the right balance?
It is, therefore, imperative that you implement the right GxP solution (more on this later) for each Customer and Data Type to not only protect yourself against those regulations and governing bodies where necessary, but also to avoid having Tim Woods become a gangrenous infection you are unable to destroy.
What is Computerized Systems Validation?
The purpose of the validation process is to provide a high degree of quality assurance that a specific process (or computer system) will consistently produce a product (control information of data) which meets predetermined specifications and attributes.
Why is Validation Needed – FDA-Regulated Product or Service
The FDA regulations mandate the need to perform CSV and these regulations have the impact of law. Failing an FDA audit can result in FDA inspectional observations (‘483s’) and warning letters. In addition to the warnings, failure to take the necessary action can result in the shutdown of facilities, consent decrees, and can result in serious financial penalties. These penalties can result in the loss of jobs, indictment on responsible parties (usually C-level staff) which can lead to downsizing and ultimately bankruptcy. All sounds very apocalyptic, doesn’t it?
Then, imagine how difficult it is for C-level officers within large Pharmaceutical and Healthcare Organizations to differentiate between Clinical and Non-Clinical systems when the wrong decision could lead them down the path of destruction.
In most cases, it’s easier to adopt a standard Good Clinical Practice (GCP) approach, apply that to the right International Standard (ISO) and employ it across all product and service lines. This reduces risk and liability and keeps the C-level staff out of jail. It also helps ensure that the evidence is in place to demonstrate that the system operates to the expected standard. Since software is always evolving, so are the risks to iterate, and this is why validation is an ongoing necessity.
In Lean Thinking, Tim Woods is an acronym (T.I.M.W.O.O.D.S) used to explain the types of waste that an organization or process incurs when working to deliver a product or service to a customer.
- Over Processing
Validation is seen as the most critical part of the Development Life Cycle (DLC), but it is often the most neglected one leading to unnecessary, expensive tasks being performed that make it harder to win projects against the competition and deliver with the speed necessary to gain the desired market footprint. How often have you heard developers ‘not care’ about defects because that’s a ‘testing job’? How big does the validation ‘Net’ need to get before you start to ‘ask why’?
GxP Design Thinking
Before choosing the right DLC to support your customer’s validation needs, it is important to realize that there is no ‘one size fits all’ solution. Does your business have a GCP checklist to determine when CSV is necessary and when it is not? If you do, are you using it? If you are, how are you measuring success?
There are times when waste is necessary, however there are times when the opposite is true. It’s not as simple as Waterfall vs. Agile, Scrum vs. SAFe, CSV binders vs. no CSV binders. It’s all about Cost Benefit Analysis (CBA) at the end of the day. Understanding your voice of customer, regulatory authorities, and current state competency is key to enabling the right DevOps teams with the minimally viable techniques to deliver your portfolio needs and to protect your Organization.
Empowering those teams to continuously deliver ‘value-based’ work and spend less time on non-value-add tasks is key to their retention, their focus, and ultimately the success of those projects. So when it comes to GxP, think of ‘X’ as the ‘magic’ variable that you need to Define, Measure, Analyze, Improve, and Control each customer experience your business delivers. Good ‘Enough’ Practice may just pave the way to do more with less and accelerate your portfolio outcomes through redeployment of the valuable resources you have currently focused on as non-value add tasks.
At SDLC Partners, there is no single solution to a problem. Voice of customer is in our DNA and our goal is to help you get the most out of your people, process, technology, and data by applying them in the right way and at the right time so that you strike the right balance of avoiding jail time, but also by knowing your enemy, Tim Woods.
“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle”.Sun Tzu