Overview

The responsibility for validation of any computerised system rests with the system or business process owner. However, most of these individuals do not fully understand the regulations they work under or the risk mitigation strategies that need to be undertaken when validating a chromatography data system (CDS). Therefore, before discussing how to validate a CDS, it is important to understand the regulatory requirements and their interpretation so that sufficient work is done to demonstrate fitness for its intended purpose and no more.

The regulations and guidelines have a view on what is expected during the implementation and release of a CDS as well as over the whole life cycle of the system. In general, the emphasis is concerned with generating the documented evidence to demonstrate that the computerised system is reliable and fit for its purpose when validated and continues to be so when it is operational and that there is sufficient proof of management awareness and control. To obtain evidence of an action usually means that it must be documented, although the format and nature of the documented evidence (paper or electronic) is left open by all schemes.

A complicating factor is the current approach of the United States Food and Drug Administration (FDA), who are currently reviewing its approach to the Good Manufacturing Practice (GMP) regulations for pharmaceutical products (21 CFR 211).12 One strand of this approach is the development of a risk-based approach to compliance and another is the review of the electronic records and electronic...