关于计算机化系统的法规要求

译文by Thomas Tang

5分钟阅读时间 | by Dennis Sandkühler博士

基本上，在GxP环境中对计算机化系统的使用需要考虑各项法规要求。

始终应该依照患者安全、产品质量、数据完整性以及合规要求方面各项潜在风险的背景来加以考虑。除了特定流程，如研发、生产和包装的各项要求之外，关于计算机化系统使用的一般要求（数据的电子存储要求）和验证流程（关于验证文件记录的要求）也必须被满足。 

因此在考虑这些要求的时候，存在着可以区分开来的三种主要类型的要求：

1. 关于流程的具体要求

• 示例：记录的录入应该在进行某项活动之后直接完成。所录入的条目应当永久不能消除，并且应当清晰识别录入的人员身份。

2. 关于计算机化系统的一般要求

• 示例：计算机化系统应有充分的控制措施来避免未经授权的访问或对数据的更改。应当有各项控制措施来避免数据遗漏。对于所实施的任何数据更改都应当有记录，之前录入的条目、谁做的更改以及什么时间做的更改。应当有关于计算机化系统运维的书面规程。

3. 关于计算机化系统验证的要求

• 示例：应当规划好计算机化系统的引入。必须基于风险来考虑整个生命周期，并且在用于生产之前必须把完整且透明的验证文件记录批准好。

这些不同的法规要求有各自的路径进入各种文件当中，如图1所示。

图1 Figure 1   通过相关文件对工艺、计算机化系统和验证法规要求的分类            

在数字化过程中必须实施计算机化系统的各项要求。在制药公司中，关于验证流程的法规要求必须纳入规程中。

作者

Dennis Sandkühler博士
d.velop Digital Life Sciences GmbH质量管理代表
邮箱: dennis.sandkuehler@dvelop-ls.de

---

原文如下：

Regulatory Requirements for Computerised Systems

5 min. reading time | by Dennis Sandkühler, PhD 

Fundamentally, the use of computerised systems in GxP environments requires a consideration of regulatory requirements.

This consideration should always be undertaken against the background of potential risks in terms of patient safety, product quality, data integrity and compliance requirements. In addition to the requirements for specific processes such as development, production and packaging, general requirements for the use of computerised system (requirement for electronic storage of data) and the validation process (requirement for validation documentation) must also be met.

In a consideration of these requirements, there are therefore three main types of requirements that can be distinguished:

1. Specific requirements for the process

• Example: Entries in records should be made directly after performing an activity. The entries should be indelibly and should clearly identify the person making the entry.

2. General requirements for computerised systems

• Example: Computerised systems should have sufficient controls to prevent unauthorised access or changes to data. There should be controls to prevent omissions in data. There should be a record of any data change made, the previous entry, who made the change, and when the change was made. Written procedures should be available for the operation and maintenance of computerised systems.

3. Requirements for the validation of computerised systems

• Example: The introduction of a computerised system should be planned. The entire life cycle must be considered on a risk basis and full and transparent validation documentation must be approved before productive use.

These different regulatory requirements find their way into various documents, as shown in Figure 1.

Figure 1 Division of the regulatory requirements for processes, computerised systems and validation with the associated documents

Requirements for computerised systems must be implemented for the digitised processes. In a pharmaceutical company, the regulatory requirements for the validation process must be incorporated into a procedural instruction.

Author

Dennis Sandkühler, PhD
Quality Management Representative at d.velop Digital Life Sciences GmbH
E-Mail: dennis.sandkuehler@dvelop-ls.de

---